From fe1cfcd1a0f42b4e4938f7b327c33e89936aff76 Mon Sep 17 00:00:00 2001 From: raja-grewal Date: Fri, 12 Dec 2025 02:03:23 +0000 Subject: [PATCH] Update docs on CPU MSRs --- README.md | 3 ++- .../30_security-misc_disable.conf#security-misc-shared | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6de1b09..1b852df 100644 --- a/README.md +++ b/README.md @@ -383,7 +383,8 @@ Hardware modules: - Optional - Bluetooth: Disabled to reduce attack surface. -- Optional - CPU MSRs: Disabled as can be abused to write to arbitrary memory. +- Optional - CPU MSRs: Disabled as can be abused to access other trust domains + and write to arbitrary memory. - FireWire (IEEE 1394): Disabled as they are often vulnerable to DMA attacks. diff --git a/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared b/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared index 6752374..049e97b 100644 --- a/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared +++ b/etc/modprobe.d/30_security-misc_disable.conf#security-misc-shared @@ -42,9 +42,11 @@ #install virtio_bt /usr/bin/disabled-bluetooth-by-security-misc ## CPU Model-Specific Registers (MSRs): -## Can disable CPU MSRs as they can be abused to write to arbitrary memory. +## User-level read access to MSRs can allow malicious unprivileged applications to access other trust domains. +## MSRs can also be abused to write to arbitrary memory. ## ## https://en.wikipedia.org/wiki/Model-specific_register +## https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/running-average-power-limit-energy-reporting.html ## https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/best-practices/reading-writing-msrs-in-linux.html ## https://security.stackexchange.com/questions/119712/methods-root-can-use-to-elevate-itself-to-kernel-mode ## https://github.com/Kicksecure/security-misc/issues/215