Vulnerability Note VU#631579
Hardware debug exception documentation may result in unexpected behavior
In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions, namely MOV SS and POP SS.
CWE-703: Improper Check or Handling of Exceptional Conditions - CVE-2018-8897
The MOV SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV SS or POP SS instruction itself). Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol 3A; section 2.3).
An authenticated attacker may be able to read sensitive data in memory or control low-level operating system functions,
Apply an update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple||Affected||30 Apr 2018||08 May 2018|
|Check Point Software Technologies||Affected||30 Apr 2018||10 May 2018|
|DragonFly BSD Project||Affected||30 Apr 2018||01 May 2018|
|FreeBSD Project||Affected||30 Apr 2018||07 May 2018|
|Linux Kernel||Affected||-||08 May 2018|
|Microsoft||Affected||30 Apr 2018||01 May 2018|
|Red Hat, Inc.||Affected||30 Apr 2018||08 May 2018|
|SUSE Linux||Affected||30 Apr 2018||07 May 2018|
|Synology||Affected||30 Apr 2018||09 May 2018|
|Ubuntu||Affected||30 Apr 2018||01 May 2018|
|Ubuntu||Affected||30 Apr 2018||08 May 2018|
|VMware||Affected||30 Apr 2018||07 May 2018|
|Xen||Affected||01 May 2018||01 May 2018|
|Brocade Communication Systems||Not Affected||30 Apr 2018||30 May 2018|
|eero||Not Affected||30 Apr 2018||08 May 2018|
CVSS Metrics (Learn More)
Microsoft and Intel credit Nick Peterson of Everdox Tech, LLC, for responsibly reporting this vulnerability and working with the group on coordinated disclosure. Andy Lutomirski is also credited for assistance in documenting the vulnerability for Linux.
This document was written by Garret Wassermann.
- CVE IDs: CVE-2018-8897
- Date Public: 08 May 2018
- Date First Published: 08 May 2018
- Date Last Updated: 06 Jun 2018
- Document Revision: 105
If you have feedback, comments, or additional information about this vulnerability, please send us email.