blob: af49eed2fd71b7bec22d551eda3923e873c93962 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
Candidate: CVE-2006-1056
References:
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910
CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911
URL:http://marc.theaimsgroup.com/?l=linux-kernel&m=114548768214478&w=2
URL:http://www.securityfocus.com/bid/17600
URL:http://xforce.iss.net/xforce/xfdb/25871
Description:
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on
AMD64 and other 7th and 8th generation AuthenticAMD processors, only
save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an
exception is pending, which allows one process to determine portions of the
state of floating point instructions of other processes, which can be
leveraged to obtain sensitive information such as cryptographic keys. NOTE:
this is the documented behavior of AMD64 processors, but it is inconsistent
with Intel processers in a security-relevant fashion that was not addressed
by the kernels.
Notes:
Bugs:
upstream: released (2.4.33-pre3), released (2.6.16.9)
linux-2.6: released (2.6.16-9)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
2.4.19-woody-security:
2.4.18-woody-security:
2.4.17-woody-security:
2.4.16-woody-security:
2.4.17-woody-security-hppa:
2.4.17-woody-security-ia64:
|
