Tag Archives: CVE-1999-1476

CWE-1281 – Sequence of Processor Instructions Leads to Unexpected Behavior

Read Time:38 Second

Description

Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-691

 

Consequences

Integrity, Availability: Varies by Context

 

Potential Mitigations

Phase: Testing

Description: 

Implement a rigorous testing strategy that incorporates randomization to explore instruction sequences that are unlikely to appear in normal workloads in order to identify halt and catch fire instruction sequences.

Phase: Patching and Maintenance

Description: 

Patch operating system to avoid running Halt and Catch Fire type sequences or to mitigate the damage caused by unexpected behavior. See [REF-1108].

CVE References

  • CVE-1999-1476
    • A bug in some Intel Pentium processors allow DoS (hang) via an invalid “CMPXCHG8B” instruction, causing a deadlock

CWE-833 – Deadlock

Read Time:1 Minute, 22 Second

Description

The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.

Modes of Introduction:

Likelihood of Exploit:

 

Related Weaknesses

CWE-667
CWE-662

 

Consequences

Availability: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Other), DoS: Crash, Exit, or Restart

Each thread of execution will “hang” and prevent tasks from completing. In some cases, CPU consumption may occur if a lock check occurs in a tight loop.

 

Potential Mitigations

CVE References

 

  • CVE-1999-1476
    • A bug in some Intel Pentium processors allow DoS (hang) via an invalid “CMPXCHG8B” instruction, causing a deadlock
  • CVE-2009-4272
    • deadlock triggered by packets that force collisions in a routing table
  • CVE-2002-1850
    • read/write deadlock between web server and script
  • CVE-2004-0174
    • web server deadlock involving multiple listening connections
  • CVE-2009-1388
    • multiple simultaneous calls to the same function trigger deadlock.
  • CVE-2006-5158
    • chain: other weakness leads to NULL pointer dereference (CWE-476) or deadlock (CWE-833).
  • CVE-2006-4342
    • deadlock when an operation is performed on a resource while it is being removed.
  • CVE-2006-2374
    • Deadlock in device driver triggered by using file handle of a related device.
  • CVE-2006-2275
    • Deadlock when large number of small messages cannot be processed quickly enough.
  • CVE-2005-3847
    • OS kernel has deadlock triggered by a signal during a core dump.
  • CVE-2005-2456
    • Chain: array index error (CWE-129) leads to deadlock (CWE-833)