{"id":444,"date":"2018-05-10T15:37:07","date_gmt":"2018-05-10T15:37:07","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=131869"},"modified":"2018-05-10T15:37:07","modified_gmt":"2018-05-10T15:37:07","slug":"major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/","title":{"rendered":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/03\/20171605\/CPU-chip.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>Multiple operating system vendors issued coordinated patches this week to address a common vulnerability across their platforms, which was introduced thanks to widespread misinterpretation of Intel developer documentation.<\/p>\n<p>According to the CERT\/CC team, <a href=\"https:\/\/www.kb.cert.org\/vuls\/byvendor?searchview&amp;Query=FIELD+Reference=631579&amp;SearchOrder=4\">most major players<\/a> (including Apple, FreeBSD, Microsoft, Red Hat, Ubuntu, VMWare and Xen, plus distros based on the Linux Kernel OS) built an uncannily similar privilege escalation flaw into their Intel-based products.<\/p>\n<p>The flaw isn\u2019t remotely exploitable \u2013 a bad actor would need to gain local access to the victim\u2019s machine via malware or stolen credentials. But once in, CERT\/CC explained that an attacker armed with OS APIs could access sensitive memory information, and also \u201ccontrol low-level OS functions\u201d by gaining elevated access privileges to the kernel level \u2013 i.e., hijack the code that controls the PC, Mac or VM.<\/p>\n<p>From there, Microsoft <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8897\">explained<\/a>, it\u2019s possible to install programs and malware; view, change or delete data; or create new accounts with full user rights.<\/p>\n<p>On the more innocuous end of the threat-level spectrum, the issue can also simply crash the kernel by confusing the system, causing a denial-of-service state.<\/p>\n<p>On the more technical front, the flaw (<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8897\">CVE-2018-8897<\/a>) resides in a debug exception in the x86-64 architectures. To be clear, the issue doesn\u2019t exist in the chip itself, but rather in the way developers have built their software stacks to interact with the processor.<\/p>\n<p>As Red Hat explained, modern processors provide debugging infrastructure, used by system designers and application developers to debug their software and monitor events, including memory access (read or write), instruction execution and I\/O port access.<\/p>\n<p>\u201cWhen such an event occurs during program execution, the processor raises a Debug Exception (#DB) to transfer execution control to debugging software,\u201d the company said in its <a href=\"https:\/\/access.redhat.com\/security\/vulnerabilities\/pop_ss\">overview<\/a> of the flaw. \u201cThis catches the debug exception and allows a developer to examine program execution state.\u201d<\/p>\n<p>Developers appear to have widely misunderstood the way Intel processors handle that exception, leading to the same issue popping up across the computing landscape.<\/p>\n<p>\u201cThe error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt\/exception instructions, namely MOV to SS and POP to SS,\u201d CERT\/CC said.<\/p>\n<p>The CERT\/CC team explained the problem in an <a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/631579\">advisory<\/a>: \u201cIn certain circumstances, after the use of certain Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3.\u201d<\/p>\n<p>Nick Peterson of Everdox Tech, who first uncovered the vulnerability, pointed the finger at what he said was Intel\u2019s lack of clarity in its instruction manual. In a <a href=\"http:\/\/everdox.net\/popss.pdf\">technical brief<\/a>, he noted, \u201cThis is a serious security vulnerability and oversight made by operating system vendors due to unclear and perhaps even incomplete documentation.\u201d<\/p>\n<p>We reached out to Intel and received an official statement:<\/p>\n<p><em>\u201cThe security of our customers and partners is important to us.\u00a0<\/em><em>To help ensure clear communication with the developer community, we\u00a0<\/em><em>are updating our\u00a0<a href=\"https:\/\/software.intel.com\/en-us\/articles\/intel-sdm\">Software Developers Manual<\/a><\/em><em>\u00a0(SDM) with clarifying language on the secure use of the POP\/MOV-SS instructions. We recommend that system software vendors evaluate their software to confirm their products handle the situations in question. More information is available\u00a0<a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/631579\">here<\/a><\/em><em>.\u201d<\/em><\/p>\n<p>Creating secure computing environments obviously takes coordination between the chipmaker, software developers and vendors; however, there are always blind spots. In this case, once the chip is out the door, Intel has no visibility or control over how developers build software to use its silicon.<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/131869\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple, Microsoft, Red Hat and others have built an uncannily similar privilege escalation flaw into their Intel-based products. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":445,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[321,322,65,323,324,325,116,326,327,19],"class_list":["post-444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-debug-exception","tag-documentation","tag-intel","tag-kernel","tag-misinterpretation","tag-os-vendors","tag-patch","tag-privilege-escalation-flaw","tag-processors","tag-vulnerabilities"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-10T15:37:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"680\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked\",\"datePublished\":\"2018-05-10T15:37:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/\"},\"wordCount\":606,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg\",\"keywords\":[\"debug exception\",\"documentation\",\"Intel\",\"Kernel\",\"misinterpretation\",\"os vendors\",\"patch\",\"privilege escalation flaw\",\"Processors\",\"Vulnerabilities\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/\",\"name\":\"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg\",\"datePublished\":\"2018-05-10T15:37:07+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg\",\"width\":680,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"debug exception\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/debug-exception\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/","og_locale":"en_US","og_type":"article","og_title":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-10T15:37:07+00:00","og_image":[{"width":680,"height":400,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked","datePublished":"2018-05-10T15:37:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/"},"wordCount":606,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg","keywords":["debug exception","documentation","Intel","Kernel","misinterpretation","os vendors","patch","privilege escalation flaw","Processors","Vulnerabilities"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/","url":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/","name":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg","datePublished":"2018-05-10T15:37:07+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked.jpg","width":680,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"debug exception","item":"https:\/\/www.threatshub.org\/blog\/tag\/debug-exception\/"},{"@type":"ListItem","position":3,"name":"Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=444"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/444\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/445"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}