CVE-2004-0565

NameCVE-2004-0565
DescriptionFloating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1067-1, DSA-1069-1, DSA-1070-1, DSA-1082-1
NVD severitylow (attack range: local)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kernel-image-sparc-2.4sourcewoody26woody1lowDSA-1070-1
kernel-patch-2.4.19-mipssourcewoody2.4.19-0.020911.1.woody5lowDSA-1070-1
kernel-source-2.4.16sourcewoody2.4.16-1woody2lowDSA-1067-1
kernel-source-2.4.17sourcewoody2.4.17-1woody4lowDSA-1082-1
kernel-source-2.4.18sourcewoody2.4.18-14.4lowDSA-1069-1
kernel-source-2.4.19sourcewoody2.4.19-4.woody3lowDSA-1070-1
kernel-source-2.4.27source(unstable)2.4.27-1low
linux-2.6source(unstable)(not affected)

Notes

- linux-2.6 <not-affected> (fixed before first upload)

Search for package or bug name: Reporting problems