238 - Busted ASLR, PixieFail, and Bypassing HVCI
A very interesting bug that impacts most common Linux distros (Ubuntu, Arch, Fedora) running Linux >= 5.18: it severely weakens Address Space Layout Randomization (ASLR) for 64-bit processes and completely negates it for 32-bit ones. The root cause is fairly simple. In 5.18, a change was made to thp_get_unmapped_area(), the function that common filesystem drivers (ext4, ext2, btrfs, xfs, fuse) use to place file-backed mappings: instead of placing mappings at regular 4KB page granularity, it started aligning them to huge pages (2MB). A 2MB page has a much coarser alignment boundary (0x200000 instead of 0x1000), and since 2MB / 4KB = 2^9, the alignment strips 9 bits of entropy from the base address of mapped files such as
One caveat worth knowing when checking a target: the alignment is only applied to mappings large enough to contain a whole 2MB-aligned chunk, which is exactly why large shared libraries are the ones that lose their randomization. For 64-bit, the loss of 9 bits takes the mmap ASLR entropy from 28 bits to 19. For 32-bit, it takes the 8 bits down to zero.
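The arithmetic above is easy to state and easy to get wrong, so here is an added example (not code from the episode or from the original research) that models it in C. random_page_addr() stands in for the pre-5.18 placement, thp_align() applies the same round-up rule that __thp_get_unmapped_area() uses, and varying_bits() measures how many address bits actually change across samples, which is also how you would measure a live system from base addresses collected out of /proc/<pid>/maps. The xorshift seed, the window bases (0x7f0000000000 and 0xb7000000) and the sample count are assumptions for the simulation, not values from the page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT  12      /* 4 KiB base pages */
#define HPAGE_SHIFT 21      /* 2 MiB huge pages */
#define SAMPLES     256

/* Marsaglia xorshift64 with a fixed seed: a deterministic stand-in for the
 * kernel's randomness so the simulation is reproducible (assumption). */
static uint64_t rng_state = 0x9E3779B97F4A7C15ULL;

static uint64_t xorshift64(void)
{
    uint64_t x = rng_state;
    x ^= x << 13;
    x ^= x >> 7;
    x ^= x << 17;
    return rng_state = x;
}

/* Pre-5.18 placement: a page-granular random offset inside a window of
 * 2^random_bits pages starting at `base`. */
static uint64_t random_page_addr(uint64_t base, unsigned random_bits)
{
    uint64_t pages = xorshift64() & ((1ULL << random_bits) - 1);
    return base + (pages << PAGE_SHIFT);
}

/* Post-5.18 adjustment, the same arithmetic __thp_get_unmapped_area() uses:
 * move the start up by less than one huge page so that file offset `off`
 * lands on a 2 MiB boundary. With off == 0 this is round-up-to-2-MiB. */
static uint64_t thp_align(uint64_t addr, uint64_t off)
{
    uint64_t size = 1ULL << HPAGE_SHIFT;
    return addr + ((off - addr) & (size - 1));
}

/* OR together the XOR of every sample against the first: a set bit is one
 * that took more than one value across the samples, i.e. real entropy.
 * Feed this the base address of one large library collected from
 * /proc/<pid>/maps over many launches to measure a live system. */
static uint64_t varying_bits(const uint64_t *addrs, size_t n)
{
    uint64_t mask = 0;
    for (size_t i = 1; i < n; i++)
        mask |= addrs[i] ^ addrs[0];
    return mask;
}

static unsigned popcount64(uint64_t x)
{
    unsigned c = 0;
    for (; x; x &= x - 1)
        c++;
    return c;
}

/* Simulate SAMPLES placements and count how many address bits inside the
 * randomised window still vary, with or without the huge-page rounding. */
static unsigned simulate_entropy(uint64_t base, unsigned random_bits, int huge_align)
{
    uint64_t addrs[SAMPLES];
    uint64_t window_mask = (1ULL << (random_bits + PAGE_SHIFT)) - 1;

    for (size_t i = 0; i < SAMPLES; i++) {
        uint64_t a = random_page_addr(base, random_bits);
        addrs[i] = huge_align ? thp_align(a, 0) : a;
    }
    return popcount64(varying_bits(addrs, SAMPLES) & window_mask);
}

int main(void)
{
    /* Assumed window bases: 2^40-aligned for 64-bit, 2 MiB-aligned for
     * 32-bit. The real mmap_base is itself randomised per process. */
    const uint64_t base64 = 0x7f0000000000ULL;
    const uint64_t base32 = 0xb7000000ULL;

    printf("64-bit: %u entropy bits with 4 KiB pages, %u with 2 MiB alignment\n",
           simulate_entropy(base64, 28, 0), simulate_entropy(base64, 28, 1));
    printf("32-bit: %u entropy bits with 4 KiB pages, %u with 2 MiB alignment\n",
           simulate_entropy(base32, 8, 0), simulate_entropy(base32, 8, 1));
    return 0;
}
```

The 64-bit run reports 28 bits without the rounding and 19 with it; the 32-bit run, whose whole 1MB randomization window fits inside a single 2MB stride, reports 8 and then 0. On a real target, a varying_bits() mask whose low 21 bits are all clear is the tell that the library is being placed at 2MB granularity.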
A logic issue that allows bypassing Hypervisor-protected Code Integrity (HVCI) on certain Intel-based machines. HVCI is a Virtualization-Based Security (VBS) mitigation that protects kernel code pages from being made writable and prevents a compromised guest kernel from creating new read/write/execute (RWX) mappings. When VBS is enabled and the machine boots, the hypervisor changes the permissions on certain physical ranges and sets up Extended Page Tables (EPT) to enforce them. On certain 6th- through 10th-generation Intel machines, however, the researchers found guest physical ranges whose EPT entries were RWX to the guest. Moreover, these guest physical addresses were constant across reboots, which makes exploitation trivial: an attacker with a compromised kernel simply picks one of those addresses, places shellcode there, and jumps to it.
The reason this happens gets into the weeds of the IOMMU and the DMA Remapping (DMAR) Advanced Configuration and Power Interface (ACPI) table. Ultimately it comes down to the BIOS on some of these platforms reserving memory regions for device DMA, described by Reserved Memory Region Reporting (RMRR) structures in the DMAR table, and those regions are where the RWX guest ranges come from. The firmware should also report any physical memory described by an RMRR as reserved memory in the UEFI memory map, but on the affected machines it does not. Since the secure kernel builds its view of physical memory from the UEFI map, it is not aware of those regions when HVCI is enabled and never tightens their EPT permissions.
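The firmware inconsistency described above can be checked offline once you have a dump of the DMAR table and the UEFI memory map. The following C is an added example, not code from the episode or from the research it discusses: it parses the RMRR structures out of a DMAR table and reports any RMRR range that the memory map does not describe entirely as EfiReservedMemoryType. The DMAR bytes, the memory map descriptors, the 0xfed90000 register base and the RMRR addresses are constructed test data, not values from a real machine; the ACPI checksum is deliberately not verified.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ACPI_HDR_LEN   36   /* standard ACPI table header */
#define DMAR_FIXED_LEN 12   /* host address width(1) + flags(1) + reserved(10) */
#define DMAR_TYPE_DRHD 0
#define DMAR_TYPE_RMRR 1
#define EFI_RESERVED_MEMORY_TYPE 0
#define EFI_CONVENTIONAL_MEMORY  7
#define MAX_RMRR 16

struct rmrr { uint16_t segment; uint64_t base, limit; };         /* limit is inclusive */
struct efi_desc { uint32_t type; uint64_t phys_start, pages; };  /* trimmed EFI_MEMORY_DESCRIPTOR */

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t le32(const uint8_t *p) { return le16(p) | ((uint32_t)le16(p + 2) << 16); }
static uint64_t le64(const uint8_t *p) { return le32(p) | ((uint64_t)le32(p + 4) << 32); }
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)v); put16(p + 2, (uint16_t)(v >> 16)); }
static void put64(uint8_t *p, uint64_t v) { put32(p, (uint32_t)v); put32(p + 4, (uint32_t)(v >> 32)); }

/* Walk the remapping structures after the DMAR header and collect RMRRs
 * (type 1: type(2) length(2) reserved(2) segment(2) base(8) limit(8)).
 * Returns the count, or -1 if the table is malformed. */
static int parse_rmrrs(const uint8_t *dmar, size_t len, struct rmrr *out, int max)
{
    size_t off = ACPI_HDR_LEN + DMAR_FIXED_LEN;
    int n = 0;
    if (len < off || memcmp(dmar, "DMAR", 4) != 0) return -1;
    uint32_t total = le32(dmar + 4);
    if (total < off || total > len) return -1;
    while (off + 4 <= total) {
        uint16_t type = le16(dmar + off), slen = le16(dmar + off + 2);
        if (slen < 4 || off + slen > total) return -1;   /* truncated structure */
        if (type == DMAR_TYPE_RMRR && slen >= 24 && n < max) {
            out[n].segment = le16(dmar + off + 6);
            out[n].base    = le64(dmar + off + 8);
            out[n].limit   = le64(dmar + off + 16);
            n++;
        }
        off += slen;
    }
    return n;
}

/* 1 if every byte of [base, limit] lies in descriptors typed
 * EfiReservedMemoryType; 0 on any hole or differently typed descriptor. */
static int range_reported_reserved(const struct efi_desc *map, size_t n, uint64_t base, uint64_t limit)
{
    uint64_t cur = base;
    while (cur <= limit) {
        size_t i;
        for (i = 0; i < n; i++) {
            uint64_t s = map[i].phys_start, e = s + map[i].pages * 4096;
            if (cur < s || cur >= e) continue;
            if (map[i].type != EFI_RESERVED_MEMORY_TYPE) return 0;
            if (e - 1 >= limit) return 1;
            cur = e;
            break;
        }
        if (i == n) return 0;   /* nothing in the map covers `cur` */
    }
    return 1;
}

/* Returns how many RMRR regions the memory map fails to report as reserved. */
static int audit_rmrrs(const uint8_t *dmar, size_t len, const struct efi_desc *map, size_t map_n)
{
    struct rmrr r[MAX_RMRR];
    int n = parse_rmrrs(dmar, len, r, MAX_RMRR), bad = 0;
    for (int i = 0; i < n; i++) {
        int ok = range_reported_reserved(map, map_n, r[i].base, r[i].limit);
        printf("RMRR seg %u %#llx-%#llx: %s\n", (unsigned)r[i].segment,
               (unsigned long long)r[i].base, (unsigned long long)r[i].limit,
               ok ? "reported reserved" : "NOT reported reserved");
        bad += !ok;
    }
    return n < 0 ? -1 : bad;
}

/* Constructed DMAR (not a real dump): one DRHD followed by two RMRRs. */
static size_t build_test_dmar(uint8_t *buf, size_t cap)
{
    const size_t total = ACPI_HDR_LEN + DMAR_FIXED_LEN + 16 + 24 + 24;
    size_t off = ACPI_HDR_LEN + DMAR_FIXED_LEN;
    if (cap < total) return 0;
    memset(buf, 0, total);
    memcpy(buf, "DMAR", 4);
    put32(buf + 4, (uint32_t)total);
    buf[8] = 1;                              /* revision */
    buf[ACPI_HDR_LEN] = 38;                  /* HAW field N, HAW = N + 1 = 39 bits */
    put16(buf + off, DMAR_TYPE_DRHD); put16(buf + off + 2, 16);
    put64(buf + off + 8, 0xfed90000ULL);     /* assumed VT-d register base */
    off += 16;
    put16(buf + off, DMAR_TYPE_RMRR); put16(buf + off + 2, 24);
    put64(buf + off + 8, 0x7e000000ULL); put64(buf + off + 16, 0x7e1fffffULL);
    off += 24;
    put16(buf + off, DMAR_TYPE_RMRR); put16(buf + off + 2, 24);
    put64(buf + off + 8, 0x7f800000ULL); put64(buf + off + 16, 0x7f80ffffULL);
    return total;
}

/* Constructed memory map: reserves the first RMRR, leaves the second inside
 * conventional memory, which is the inconsistency the bypass relies on. */
static const struct efi_desc TEST_MEMMAP[] = {
    { EFI_CONVENTIONAL_MEMORY,  0x00100000ULL, 0x7df00ULL }, /* ends at 0x7e000000 */
    { EFI_RESERVED_MEMORY_TYPE, 0x7e000000ULL, 0x200ULL },   /* covers RMRR #1 */
    { EFI_CONVENTIONAL_MEMORY,  0x7e200000ULL, 0x1e00ULL },  /* RMRR #2 lands here */
};
#define TEST_MEMMAP_N (sizeof TEST_MEMMAP / sizeof TEST_MEMMAP[0])

int main(void)
{
    uint8_t dmar[128];
    size_t len = build_test_dmar(dmar, sizeof dmar);
    int bad = audit_rmrrs(dmar, len, TEST_MEMMAP, TEST_MEMMAP_N);
    printf("%d RMRR region(s) missing from the reserved memory map\n", bad);
    return bad != 0;
}
```

On the constructed data the audit flags the second RMRR, 0x7f800000-0x7f80ffff, because the map types it as conventional memory. On a real machine you would feed the raw DMAR table and the boot-time memory map in place of build_test_dmar() and TEST_MEMMAP; any region the audit flags is memory the secure kernel will not know to lock down.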