Joyent Information for VU#649219

SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware

Status

Affected

Vendor Statement

We have an illumos-derived system, SmartOS -- it (and every other illumos derivative) was affected by this vulnerability. illumos issue: https://www.illumos.org/issues/2873

Patch is in hg changeset: 13724:7740792727e0. This can also be found on the github bridge: https://github.com/illumos/illumos-gate/commit/6ba2dbf5e79c7fc6e1221844ddaa2c88a42a3fc1

Joyent's cloud customers are unaffected. Joyent's SmartDataCenter customers will be receiving an updated platform, versioned joyent_20120614T001014Z.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.illumos.org/issues/2873
https://github.com/illumos/illumos-gate/commit/6ba2dbf5e79c7fc6e1221844ddaa2c88a42a3fc1

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.