CVE-2002-1571 Information

Description

The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers which could lead to an information leak on processors that do not clear all relevant SSE registers.

Reference

http://linux.bkbits.net:8080/linux-2.4/diffs/arch/i386/kernel/i387.c@1.6 http://search.luky.org/linux-kernel.2002/msg24003.html http://search.luky.org/linux-kernel.2002/msg24992.html http://www.cs.helsinki.fi/linux/linux-kernel/2002-15/0628.html http://www.cs.helsinki.fi/linux/linux-kernel/2002-15/0760.html