Vulnerability in Gentoo Linux
CVE-2004-0565
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
EPSS: 0.004 (35.2th percentile) — read the EPSS interpretation.
Affected products
- Gentoo Linux
- Linux Linux_kernel — versions 2.4.0
- Mandrakesoft Mandrake_linux — versions 9.1, 9.2, 10.0
- Mandrakesoft Mandrake_linux_corporate_server — versions 2.1
- Mandrakesoft Mandrake_multi_network_firewall — versions 8.2
- Trustix Secure_linux — versions 2, 2.0, 2.1
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_MLIST)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_MISC, Vendor Advisory)