CVE-2006-1056 Information
Description
The Linux kernel before 2.6.16.9 and the FreeBSD kernel when running on AMD64 and other 7th and 8th generation AuthenticAMD processors only save/restore the FOP FIP and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending which allows one process to determine portions of the state of floating point instructions of other processes which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
Reference
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc http://kb.vmware.com/kb/2533126 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lwn.net/Alerts/180820/ http://marc.info/?l=linux-kernel&m=114548768214478&w=2 http://secunia.com/advisories/19715 http://secunia.com/advisories/19724 http://secunia.com/advisories/19735 http://secunia.com/advisories/20398 http://secunia.com/advisories/20671 http://secunia.com/advisories/20716 http://secunia.com/advisories/20914 http://secunia.com/advisories/21035 http://secunia.com/advisories/21136 http://secunia.com/advisories/21465 http://secunia.com/advisories/21983 http://secunia.com/advisories/22417 http://secunia.com/advisories/22875 http://secunia.com/advisories/22876 http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt http://securitytracker.com/id?1015966 http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm http://www.debian.org/security/2006/dsa-1097 http://www.debian.org/security/2006/dsa-1103 http://www.novell.com/linux/security/advisories/2006-05-31.html http://www.osvdb.org/24746 http://www.osvdb.org/24807 http://www.redhat.com/support/errata/RHSA-2006-0437.html http://www.redhat.com/support/errata/RHSA-2006-0575.html http://www.redhat.com/support/errata/RHSA-2006-0579.html http://www.securityfocus.com/archive/1/431341 http://www.securityfocus.com/archive/1/451404/100/0/threaded http://www.securityfocus.com/archive/1/451417/100/200/threaded http://www.securityfocus.com/archive/1/451419/100/200/threaded http://www.securityfocus.com/archive/1/451421/100/0/threaded http://www.securityfocus.com/bid/17600 http://www.ubuntu.com/usn/usn-302-1 http://www.vmware.com/download/esx/esx-213-200610-patch.html http://www.vmware.com/download/esx/esx-254-200610-patch.html http://www.vupen.com/english/advisories/2006/1426 http://www.vupen.com/english/advisories/2006/1475 http://www.vupen.com/english/advisories/2006/2554 http://www.vupen.com/english/advisories/2006/4353 http://www.vupen.com/english/advisories/2006/4502 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911 https://exchange.xforce.ibmcloud.com/vulnerabilities/25871 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9995
Share on: