There exists a «feature» in the x86 architecture that, due to improper programming by many operating system vendors, can be exploited to achieve local privilege escalation. At the time of discovery, this issue was present on the latest-and-greatest versions of Microsoft Windows, Apple’s macOS, and certain distributions of Linux. This issue, very likely, impacts other operating systems on the x86 architecture.
By Nemanja Mulasmajic + Nicolas Peterson
Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#why-so-spurious-how-a-highly-error-prone-x86x64-cpu-feature-can-be-abused-to-achieve-local-privilege-escalation-on-many-operating-systems-11196