CVE-2005-0109

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
References
Link Resource
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt Third Party Advisory
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 Mailing List
http://marc.info/?l=freebsd-security&m=110994370429609&w=2 Mailing List
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 Mailing List
http://secunia.com/advisories/15348 Permissions Required
http://secunia.com/advisories/18165 Permissions Required
http://securitytracker.com/id?1013967 Patch Third Party Advisory VDB Entry Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 Broken Link
http://www.daemonology.net/hyperthreading-considered-harmful/ Third Party Advisory
http://www.daemonology.net/papers/htt.pdf Third Party Advisory
http://www.kb.cert.org/vuls/id/911878 Third Party Advisory US Government Resource
http://www.redhat.com/support/errata/RHSA-2005-476.html Not Applicable
http://www.redhat.com/support/errata/RHSA-2005-800.html Not Applicable
http://www.securityfocus.com/bid/12724 Patch Third Party Advisory VDB Entry Vendor Advisory
http://www.vupen.com/english/advisories/2005/0540 Permissions Required
http://www.vupen.com/english/advisories/2005/3002 Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt Third Party Advisory
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 Mailing List
http://marc.info/?l=freebsd-security&m=110994370429609&w=2 Mailing List
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 Mailing List
http://secunia.com/advisories/15348 Permissions Required
http://secunia.com/advisories/18165 Permissions Required
http://securitytracker.com/id?1013967 Patch Third Party Advisory VDB Entry Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 Broken Link
http://www.daemonology.net/hyperthreading-considered-harmful/ Third Party Advisory
http://www.daemonology.net/papers/htt.pdf Third Party Advisory
http://www.kb.cert.org/vuls/id/911878 Third Party Advisory US Government Resource
http://www.redhat.com/support/errata/RHSA-2005-476.html Not Applicable
http://www.redhat.com/support/errata/RHSA-2005-800.html Not Applicable
http://www.securityfocus.com/bid/12724 Patch Third Party Advisory VDB Entry Vendor Advisory
http://www.vupen.com/english/advisories/2005/0540 Permissions Required
http://www.vupen.com/english/advisories/2005/3002 Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*
cpe:2.3:o:sco:unixware:7.1.3:*:*:*:*:*:*:*
cpe:2.3:o:sco:unixware:7.1.3_up:*:*:*:*:*:*:*
cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*

History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt - Third Party Advisory () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt - Third Party Advisory
References () http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 - Mailing List () http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 - Mailing List
References () http://marc.info/?l=freebsd-security&m=110994370429609&w=2 - Mailing List () http://marc.info/?l=freebsd-security&m=110994370429609&w=2 - Mailing List
References () http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 - Mailing List () http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 - Mailing List
References () http://secunia.com/advisories/15348 - Permissions Required () http://secunia.com/advisories/15348 - Permissions Required
References () http://secunia.com/advisories/18165 - Permissions Required () http://secunia.com/advisories/18165 - Permissions Required
References () http://securitytracker.com/id?1013967 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://securitytracker.com/id?1013967 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 - Vendor Advisory () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 - Vendor Advisory
References () http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 - Broken Link () http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 - Broken Link
References () http://www.daemonology.net/hyperthreading-considered-harmful/ - Third Party Advisory () http://www.daemonology.net/hyperthreading-considered-harmful/ - Third Party Advisory
References () http://www.daemonology.net/papers/htt.pdf - Third Party Advisory () http://www.daemonology.net/papers/htt.pdf - Third Party Advisory
References () http://www.kb.cert.org/vuls/id/911878 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/911878 - Third Party Advisory, US Government Resource
References () http://www.redhat.com/support/errata/RHSA-2005-476.html - Not Applicable () http://www.redhat.com/support/errata/RHSA-2005-476.html - Not Applicable
References () http://www.redhat.com/support/errata/RHSA-2005-800.html - Not Applicable () http://www.redhat.com/support/errata/RHSA-2005-800.html - Not Applicable
References () http://www.securityfocus.com/bid/12724 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/12724 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () http://www.vupen.com/english/advisories/2005/0540 - Permissions Required () http://www.vupen.com/english/advisories/2005/0540 - Permissions Required
References () http://www.vupen.com/english/advisories/2005/3002 - Permissions Required () http://www.vupen.com/english/advisories/2005/3002 - Permissions Required
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 - Third Party Advisory () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 - Third Party Advisory

Information

Published : 2005-03-05 05:00

Updated : 2024-11-20 23:54


NVD link : CVE-2005-0109

Mitre link : CVE-2005-0109

CVE.ORG link : CVE-2005-0109


JSON object : View

Products Affected

sun

  • solaris

sco

  • unixware
  • openserver

ubuntu

  • ubuntu_linux

redhat

  • enterprise_linux_desktop
  • fedora_core
  • enterprise_linux

freebsd

  • freebsd