Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1056

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1056
Last Modified 18 Apr 2014 10:02:24
Published 20 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1056

Summary

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processers in a security-relevant fashion that was not addressed by the kernels.

Vulnerable Systems

Operating System

  • Freebsd

  • Linux Kernel 2.6 Test9 Cvs

  • Linux Kernel 2.6.0

  • Linux Kernel 2.6.1

  • Linux Kernel 2.6.10

  • Linux Kernel 2.6.11

  • Linux Kernel 2.6.11.1

  • Linux Kernel 2.6.11.10

  • Linux Kernel 2.6.11.11

  • Linux Kernel 2.6.11.12

  • Linux Kernel 2.6.11.2

  • Linux Kernel 2.6.11.3

  • Linux Kernel 2.6.11.4

  • Linux Kernel 2.6.11.5

  • Linux Kernel 2.6.11.6

  • Linux Kernel 2.6.11.7

  • Linux Kernel 2.6.11.8

  • Linux Kernel 2.6.11.9

  • Linux Kernel 2.6.12

  • Linux Kernel 2.6.12.1

  • Linux Kernel 2.6.12.2

  • Linux Kernel 2.6.12.3

  • Linux Kernel 2.6.12.4

  • Linux Kernel 2.6.12.5

  • Linux Kernel 2.6.12.6

  • Linux Kernel 2.6.13

  • Linux Kernel 2.6.13.1

  • Linux Kernel 2.6.13.2

  • Linux Kernel 2.6.13.3

  • Linux Kernel 2.6.13.4

  • Linux Kernel 2.6.14

  • Linux Kernel 2.6.14.1

  • Linux Kernel 2.6.14.2

  • Linux Kernel 2.6.14.3

  • Linux Kernel 2.6.14.4

  • Linux Kernel 2.6.14.5

  • Linux Kernel 2.6.14.6

  • Linux Kernel 2.6.14.7

  • Linux Kernel 2.6.15

  • Linux Kernel 2.6.15.1

  • Linux Kernel 2.6.15.2

  • Linux Kernel 2.6.15.3

  • Linux Kernel 2.6.15.4

  • Linux Kernel 2.6.15.5

  • Linux Kernel 2.6.15.6

  • Linux Kernel 2.6.15.7

  • Linux Kernel 2.6.16

  • Linux Kernel 2.6.16 Rc7

  • Linux Kernel 2.6.16.1

  • Linux Kernel 2.6.16.2

  • Linux Kernel 2.6.16.3

  • Linux Kernel 2.6.16.4

  • Linux Kernel 2.6.16.5

  • Linux Kernel 2.6.16.6

  • Linux Kernel 2.6.16.7

  • Linux Kernel 2.6.16.8

  • Linux Kernel 2.6.2

  • Linux Kernel 2.6.3

  • Linux Kernel 2.6.4

  • Linux Kernel 2.6.5

  • Linux Kernel 2.6.6

  • Linux Kernel 2.6.7

  • Linux Kernel 2.6.8

  • Linux Kernel 2.6.9


References

BID - 17600

SECUNIA - 19724

SECUNIA - 19715

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910

XF - amd-fpu-information-disclosure(25871)

VUPEN - ADV-2006-4502

VUPEN - ADV-2006-4353

VUPEN - ADV-2006-2554

VUPEN - ADV-2006-1475

VUPEN - ADV-2006-1426

CONFIRM - http://www.vmware.com/download/esx/esx-254-200610-patch.html

CONFIRM - http://www.vmware.com/download/esx/esx-213-200610-patch.html

UBUNTU - USN-302-1

BUGTRAQ - 20061113 VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue

BUGTRAQ - 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1

BUGTRAQ - 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

BUGTRAQ - 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

REDHAT - RHSA-2006:0579

REDHAT - RHSA-2006:0575

REDHAT - RHSA-2006:0437

OSVDB - 24807

OSVDB - 24746

SUSE - SUSE-SA:2006:028

DEBIAN - DSA-1103

DEBIAN - DSA-1097

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm

SECTRACK - 1015966

MISC - http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt

SECUNIA - 22876

SECUNIA - 22875

SECUNIA - 22417

SECUNIA - 21983

SECUNIA - 21465

SECUNIA - 21136

SECUNIA - 21035

SECUNIA - 20914

SECUNIA - 20716

SECUNIA - 20671

SECUNIA - 20398

SECUNIA - 19735

MLIST - [linux-kernel] 20060419 RE: Linux 2.6.16.9

FEDORA - FEDORA-2006-423

CONFIRM - http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9

CONFIRM - http://kb.vmware.com/kb/2533126

FREEBSD - FreeBSD-SA-06:14

SUSE - SUSE-SU-2014:0446


Last Updated: 27 May 2016 10:57:28