Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0565

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-0565
Last Modified 21 Aug 2010 12:20:47
Published 06 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-0565

Summary

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Linux Kernel 2.4.0

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 9.1

  • Mandrakesoft Mandrake Linux 9.2

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Trustix Secure Linux 2

  • Trustix Secure Linux 2.0

  • Trustix Secure Linux 2.1

Application

  • Mandrakesoft Mandrake Multi Network Firewall 8.2


References

XF - linux-ia64-info-disclosure(16644)

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734

MLIST - [owl-users] 20040619 Linux 2.4.26-ow2

BID - 10687

REDHAT - RHSA-2004:504

MANDRAKE - MDKSA-2004:066

DEBIAN - DSA-1082

DEBIAN - DSA-1070

DEBIAN - DSA-1069

DEBIAN - DSA-1067

SECUNIA - 20338

SECUNIA - 20202

SECUNIA - 20163

SECUNIA - 20162


Last Updated: 27 May 2016 10:38:39