Candidate: CVE-2004-0565
References:
MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734
MLIST:[owl-users] 20040619 Linux 2.4.26-ow2
URL:http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
MANDRAKE:MDKSA-2004:066
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:066
XF:linux-ia64-info-disclosure(16644)
URL:http://xforce.iss.net/xforce/xfdb/16644
Description:
Floating point information leak in the context switch code for Linux 2.4.x
only checks the MFH bit but does not verify the FPH owner, which allows local
users to read register values of other processes by setting the MFH bit.
Notes:
jmm> I've verified that the check for FPH ownership is included in stock 2.6.8:
jmm> # define switch_to(prev,next,last) do { \
jmm> if (ia64_psr(ia64_task_regs(prev))->mfh && ia64_is_local_fpu_owner(prev)) {
jmm> So it's N/A, but I don't know at which time it was fixed upstream
Bugs:
upstream: released (2.4.27)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody3)
2.4.18-woody-security: released (2.4.18-14.4)
2.4.17-woody-security: released (2.4.17-1woody4)
2.4.16-woody-security: released (2.4.16-1woody3)
2.4.17-woody-security-hppa: released (32.5)
2.4.17-woody-security-ia64: released (011226.18)
2.4.18-woody-security-hppa: released (62.4)