Monday, July 14, 2014

Kernel Information Leak with Unprivileged Instructions (SIDT, SGDT) on x86 - WHY ?

In computer security, information leakage is one of the threats to software security. For example, the memory addresses of critical kernel resources should not be visible to user mode. Address space layout randomization (ASLR) is just one of the techniques used to prevent an attacker from reliably locating a particular function in memory to exploit.

However, I'm just very curious about why the x86 processor leaks the addresses of kernel data structures through some unprivileged instructions. Is this a bad CPU design?
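As an added example (not from the original post), here is a small C program that runs those same unprivileged instructions from ring 3, decodes the 10-byte memory image they write in 64-bit mode, and flags whether the base address lands in the kernel half of the address space. The sample buffer, struct and function names are my own, and the sample IDTR value is constructed, not captured from a real host.

```c
#include <stdint.h>
#include <stdio.h>

/* SIDT/SGDT in 64-bit mode store a 16-bit limit followed by a 64-bit linear base: 10 bytes, little-endian. */
typedef struct {
    uint16_t limit;
    uint64_t base;
} desc_table_reg;

/* Constructed sample IDTR image (not captured from a real host): limit 0x0fff, base 0xfffffe0000000000. */
const uint8_t SAMPLE_IDTR[10] = {
    0xff, 0x0f, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff
};

/* Decode the 10-byte memory image written by SIDT or SGDT. */
desc_table_reg decode_dtr(const uint8_t raw[10]) {
    desc_table_reg r = { 0, 0 };
    r.limit = (uint16_t)(raw[0] | (raw[1] << 8));
    for (int i = 0; i < 8; i++)
        r.base |= (uint64_t)raw[2 + i] << (8 * i);
    return r;
}

/* On x86-64 the kernel occupies the upper canonical half; a table base there is a kernel address disclosed to user mode. */
int is_kernel_half(uint64_t addr) {
    return addr >= 0xffff800000000000ULL;
}

/* Execute the unprivileged SIDT/SGDT from ring 3. Returns 0 when not built for x86-64 so the file still compiles elsewhere. */
int read_dtrs(desc_table_reg *idt, desc_table_reg *gdt) {
#if defined(__x86_64__)
    uint8_t raw[10];
    __asm__ volatile("sidt %0" : "=m"(*(uint8_t (*)[10])raw));
    *idt = decode_dtr(raw);
    __asm__ volatile("sgdt %0" : "=m"(*(uint8_t (*)[10])raw));
    *gdt = decode_dtr(raw);
    return 1;
#else
    (void)idt; (void)gdt;
    return 0;
#endif
}

int main(void) {
    desc_table_reg idt, gdt;
    if (!read_dtrs(&idt, &gdt)) return puts("not an x86-64 build"), 0;
    printf("IDTR base=0x%016llx limit=0x%04x kernel-half=%d\n",
           (unsigned long long)idt.base, idt.limit, is_kernel_half(idt.base));
    printf("GDTR base=0x%016llx limit=0x%04x kernel-half=%d\n",
           (unsigned long long)gdt.base, gdt.limit, is_kernel_half(gdt.base));
    return 0;
}
```

Intel later added UMIP (CR4.UMIP), under which SIDT/SGDT executed in ring 3 fault; an OS that enforces it may instead emulate them and hand back a dummy base, so on such a host the kernel-half flag reads 0 and this particular leak is closed.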