retired/CVE-2004-0565


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

Candidate: CVE-2004-0565
References: 
 MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734
 MLIST:[owl-users] 20040619 Linux 2.4.26-ow2
 URL:http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
 MANDRAKE:MDKSA-2004:066
 URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:066
 XF:linux-ia64-info-disclosure(16644)
 URL:http://xforce.iss.net/xforce/xfdb/16644
Description: 
 Floating point information leak in the context switch code for Linux 2.4.x
 only checks the MFH bit but does not verify the FPH owner, which allows local
 users to read register values of other processes by setting the MFH bit.
Notes: 
 jmm> I've verified that the check for FPH ownership is included in stock 2.6.8:
 jmm> # define switch_to(prev,next,last) do {                                         \
 jmm>         if (ia64_psr(ia64_task_regs(prev))->mfh && ia64_is_local_fpu_owner(prev)) {
 jmm> So it's N/A, but I don't know at which time it was fixed upstream
Bugs: 
upstream: released (2.4.27)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody3)
2.4.18-woody-security: released (2.4.18-14.4)
2.4.17-woody-security: released (2.4.17-1woody4)
2.4.16-woody-security: released (2.4.16-1woody3)
2.4.17-woody-security-hppa: released (32.5)
2.4.17-woody-security-ia64: released (011226.18)
2.4.18-woody-security-hppa: released (62.4)