Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-0109

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-08 Mar, 2005 | 05:00
Updated At-07 Aug, 2024 | 20:57
Rejected At-
Credits

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:08 Mar, 2005 | 05:00
Updated At:07 Aug, 2024 | 20:57
Rejected At:
â–¼CVE Numbering Authority (CNA)

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/911878
third-party-advisory
x_refsource_CERT-VN
http://secunia.com/advisories/18165
third-party-advisory
x_refsource_SECUNIA
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
x_refsource_MISC
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
mailing-list
x_refsource_MLIST
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
vendor-advisory
x_refsource_SCO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
vdb-entry
signature
x_refsource_OVAL
http://www.vupen.com/english/advisories/2005/3002
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/15348
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/12724
vdb-entry
x_refsource_BID
http://marc.info/?l=freebsd-security&m=110994370429609&w=2
mailing-list
x_refsource_MLIST
http://www.redhat.com/support/errata/RHSA-2005-476.html
vendor-advisory
x_refsource_REDHAT
http://securitytracker.com/id?1013967
vdb-entry
x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2005/0540
vdb-entry
x_refsource_VUPEN
http://www.daemonology.net/papers/htt.pdf
x_refsource_MISC
http://www.redhat.com/support/errata/RHSA-2005-800.html
vendor-advisory
x_refsource_REDHAT
http://www.daemonology.net/hyperthreading-considered-harmful/
x_refsource_MISC
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
vendor-advisory
x_refsource_SUNALERT
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
mailing-list
x_refsource_MLIST
Hyperlink: http://www.kb.cert.org/vuls/id/911878
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://secunia.com/advisories/18165
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Resource:
x_refsource_MISC
Hyperlink: http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
Resource:
vendor-advisory
x_refsource_SCO
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/15348
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/12724
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://marc.info/?l=freebsd-security&m=110994370429609&w=2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-476.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://securitytracker.com/id?1013967
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.vupen.com/english/advisories/2005/0540
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.daemonology.net/papers/htt.pdf
Resource:
x_refsource_MISC
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.daemonology.net/hyperthreading-considered-harmful/
Resource:
x_refsource_MISC
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
Resource:
mailing-list
x_refsource_MLIST
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.kb.cert.org/vuls/id/911878
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://secunia.com/advisories/18165
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
x_refsource_MISC
x_transferred
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
mailing-list
x_refsource_MLIST
x_transferred
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
vendor-advisory
x_refsource_SCO
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.vupen.com/english/advisories/2005/3002
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/15348
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/12724
vdb-entry
x_refsource_BID
x_transferred
http://marc.info/?l=freebsd-security&m=110994370429609&w=2
mailing-list
x_refsource_MLIST
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-476.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://securitytracker.com/id?1013967
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.vupen.com/english/advisories/2005/0540
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.daemonology.net/papers/htt.pdf
x_refsource_MISC
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-800.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.daemonology.net/hyperthreading-considered-harmful/
x_refsource_MISC
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/911878
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://secunia.com/advisories/18165
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
Resource:
vendor-advisory
x_refsource_SCO
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/15348
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/12724
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://marc.info/?l=freebsd-security&m=110994370429609&w=2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-476.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://securitytracker.com/id?1013967
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/0540
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.daemonology.net/papers/htt.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.daemonology.net/hyperthreading-considered-harmful/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Mar, 2005 | 05:00
Updated At:03 Apr, 2025 | 01:03

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.6MEDIUM
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Primary2.04.7MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
Type: Primary
Version: 3.0
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 4.7
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:N/A:N
CPE Matches
FreeBSD Foundation
freebsd
>>freebsd>>1.1.5.1
cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.0
cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.0.5
cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.0
cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.5
cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.6
cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.6.1
cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.7.1
cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2
cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.2
cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.3
cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.4
cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.5
cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.6
cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.8
cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.0
cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.0
cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.1
cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.2
cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.3
cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.4
cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5
cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5
cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1.1
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1.1
cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1.1
cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.2
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.2
cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.4
cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.4
cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.4
cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.4
cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.5
cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.5
cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.5
cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.5
cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.5
cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.6
cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txtcve@mitre.org
Third Party Advisory
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2cve@mitre.org
Mailing List
http://marc.info/?l=freebsd-security&m=110994370429609&w=2cve@mitre.org
Mailing List
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2cve@mitre.org
Mailing List
http://secunia.com/advisories/15348cve@mitre.org
Permissions Required
http://secunia.com/advisories/18165cve@mitre.org
Permissions Required
http://securitytracker.com/id?1013967cve@mitre.org
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1cve@mitre.org
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754cve@mitre.org
Broken Link
http://www.daemonology.net/hyperthreading-considered-harmful/cve@mitre.org
Third Party Advisory
http://www.daemonology.net/papers/htt.pdfcve@mitre.org
Third Party Advisory
http://www.kb.cert.org/vuls/id/911878cve@mitre.org
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2005-476.htmlcve@mitre.org
Not Applicable
http://www.redhat.com/support/errata/RHSA-2005-800.htmlcve@mitre.org
Not Applicable
http://www.securityfocus.com/bid/12724cve@mitre.org
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.vupen.com/english/advisories/2005/0540cve@mitre.org
Permissions Required
http://www.vupen.com/english/advisories/2005/3002cve@mitre.org
Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747cve@mitre.org
Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txtaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://marc.info/?l=freebsd-security&m=110994370429609&w=2af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://marc.info/?l=openbsd-misc&m=110995101417256&w=2af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://secunia.com/advisories/15348af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://secunia.com/advisories/18165af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://securitytracker.com/id?1013967af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.daemonology.net/hyperthreading-considered-harmful/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.daemonology.net/papers/htt.pdfaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.kb.cert.org/vuls/id/911878af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2005-476.htmlaf854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.redhat.com/support/errata/RHSA-2005-800.htmlaf854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.securityfocus.com/bid/12724af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.vupen.com/english/advisories/2005/0540af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2005/3002af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://marc.info/?l=freebsd-security&m=110994370429609&w=2
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/15348
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: http://secunia.com/advisories/18165
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: http://securitytracker.com/id?1013967
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.daemonology.net/hyperthreading-considered-harmful/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.daemonology.net/papers/htt.pdf
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/911878
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-476.html
Source: cve@mitre.org
Resource:
Not Applicable
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Source: cve@mitre.org
Resource:
Not Applicable
Hyperlink: http://www.securityfocus.com/bid/12724
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2005/0540
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Source: cve@mitre.org
Resource:
Permissions Required
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://marc.info/?l=freebsd-security&m=110994370429609&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://marc.info/?l=openbsd-misc&m=110995101417256&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://secunia.com/advisories/15348
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://secunia.com/advisories/18165
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://securitytracker.com/id?1013967
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.daemonology.net/hyperthreading-considered-harmful/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.daemonology.net/papers/htt.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/911878
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-476.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Not Applicable
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-800.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Not Applicable
Hyperlink: http://www.securityfocus.com/bid/12724
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2005/0540
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2005/3002
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

7Records found
CVE-2009-4358
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 13.84%
||
7 Day CHG~0.00%
Published-20 Dec, 2009 | 02:00
Updated-16 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-264
Not Available
CVE-2009-1933
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.05% / 15.12%
||
7 Day CHG~0.00%
Published-05 Jun, 2009 | 15:25
Updated-07 Aug, 2024 | 05:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-opensolarissolarisn/a
CWE ID-CWE-255
Not Available
CVE-2008-0938
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 13.39%
||
7 Day CHG~0.00%
Published-25 Feb, 2008 | 18:00
Updated-07 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows local users with PRIV_DTRACE_USER or PRIV_DTRACE_PROC privileges to obtain sensitive kernel information via unspecified vectors, a different vulnerability than CVE-2007-4126.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-5666
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 20.88%
||
7 Day CHG~0.00%
Published-23 Sep, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2013-1928
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 16.90%
||
7 Day CHG~0.00%
Published-29 Apr, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device.

Action-Not Available
Vendor-n/aRed Hat, Inc.Linux Kernel Organization, Inc
Product-enterprise_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-3693
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.92% / 75.49%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 21:00
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

Action-Not Available
Vendor-Oracle CorporationArm LimitedNetApp, Inc.Red Hat, Inc.Fujitsu LimitedIntel Corporation
Product-enterprise_linux_server_eusxeon_e3_12201enterprise_linux_server_ausxeon_e3_1225_v3xeon_e5_2450lxeon_e5_1620_v3xeon_e5_1428lxeon_e5_1620_v4xeon_e3_1240l_v5xeon_e3_1270xeon_e3_1220_v6xeon_e3_1230l_v3xeon_e3_1230_v2xeon_e3_1225_v5xeon_e5_1630_v3xeon_bronze_3106xeon_e5_1680_v3xeon_e5_2643_v2m12-2senterprise_linux_workstationxeon_e3_1235xeon_e3_1281_v3xeon_e3_1220l_v3xeon_e3_1275xeon_e5_2450_v2xeon_e5_2408l_v3xeon_e5_1428l_v3xeon_phixeon_e3_1240_v2xeon_e5_2648lxeon_e3_1276_v3xeon_silverxeon_e5_2609_v4atom_zxeon_e3_1265l_v2xeon_e3_1278l_v4xeon_e5_1620_v2xeon_e3_1240xeon_e5_2630_v2xeon_e3_1246_v3xeon_e5_2637core_i7xeon_e-1105cxeon_e5_2448lxeon_e5_2630lxeon_e5_2643xeon_e3_1275l_v3core_m3xeon_e3_1105c_v2xeon_e5_2637_v2xeon_e3xeon_e3_1245_v5xeon_e5_2430_v2xeon_e5_2640_v4xeon_e5_2648l_v2xeon_e5_2608l_v3enterprise_linux_serverxeon_e3_1501l_v6m12-1xeon_e3_1230_v3xeon_e3_1226_v3xeon_e5_1650_v3xeon_e5_2430lxeon_e5_2428l_v3xeon_e3_1240_v5xeon_e5_2430l_v2xeon_e5_2637_v3xeon_e7xeon_e3_1280_v5xeon_e3_1245_v6xeon_e5_2420_v2solidfire_element_os_management_nodexeon_e5_2648l_v3core_i3celeron_nxeon_e5_2428lxeon_e3_1505m_v5xeon_e5_1660_v4xeon_e5_2620_v4xeon_e5_2428l_v2core_i5xeon_e3_1235l_v5xeon_e5_1660_v3celeron_jxeon_e5_2407_v2xeon_e5_2650_v2xeon_e3_1245_v3xeon_e3_1505l_v5xeon_e3_1230xeon_e3_1225xeon_e3_1245m12-2xeon_e5_2630_v4pentium_jatom_x3core_m7xeon_e3_1241_v3xeon_e3_1275_v2xeon_e3_1275_v6xeon_e3_1285l_v3xeon_e5_1620xeon_e5_2620_v3xeon_e5_2630l_v3cortex-axeon_e5_2640_v2xeon_platinumxeon_e5_1680_v4xeon_e5_2628l_v3xeon_e5_2609_v2xeon_e5_2430xeon_e5_2643_v3xeon_e5_1428l_v2xeon_e3_1240l_v3xeon_e3_1285l_v4xeon_bronze_3104xeon_e3_1125cxeon_e3_1230_v6xeon_e5_1630_v4communications_eagle_application_processorxeon_e5_2407xeon_e5_2643_v4xeon_e3_1220_v3xeon_e3_1280_v6xeon_e5_2620communications_lsmsxeon_e3_1285_v6enterprise_linux_server_tusxeon_e5_2618l_v4xeon_e3_1275_v3xeon_e3_1505l_v6xeon_e5_2418lxeon_e3_1275_v5xeon_e3_1286_v3xeon_e3_1220xeon_e3_1268l_v5xeon_e3_1240_v6xeon_e3_1290xeon_e5_2620_v2xeon_e3_1270_v5xeon_e5_2448l_v2xeon_e5_1650_v4core_m5xeon_e5_2450l_v2xeon_e5_2630l_v4xeon_e5_2403_v2xeon_e5_2609_v3cortex-rxeon_e3_1220_v5xeon_e3_1268l_v3xeon_e5_2603xeon_e3_1285_v3xeon_e5_2630_v3xeon_e5_2450xeon_e5_2623_v3xeon_e5_2650l_v3xeon_e3_1501m_v6m12-2s_firmwarecore_mxeon_e5_2650l_v2enterprise_linux_desktopxeon_e3_1231_v3xeon_e3_1265l_v4xeon_e3_1280_v2xeon_e5_1650xeon_e5_2470xeon_e5_2438l_v3enterprise_linuxxeon_goldxeon_e5_2603_v3xeon_e3_1286l_v3atom_catom_em12-1_firmwarexeon_e5_2603_v2pentium_nxeon_e3_1290_v2xeon_e5_1660xeon_e5_2618l_v3xeon_e5_2603_v4xeon_e5_2618l_v2xeon_e3_1220_v2xeon_e3_1270_v6xeon_e3_1280_v3xeon_e3_1225_v2xeonxeon_e3_1271_v3xeon_e3_12201_v2xeon_e5_2623_v4xeon_e3_1270_v2xeon_e5xeon_e3_1280xeon_e5_2640_v3xeon_e5_2628l_v4xeon_e3_1230_v5xeon_e3_1270_v3xeon_e5_2440xeon_e5_2440_v2xeon_e5_2608l_v4xeon_e5_2650enterprise_linux_eusxeon_e3_1265l_v3xeon_e5_1650_v2xeon_e3_1258l_v4xeon_e5_2650_v4xeon_e5_2609xeon_e5_2418l_v3xeon_e3_1260l_v5xeon_e5_2650lxeon_e5_2628l_v2xeon_e5_2418l_v2xeon_e3_1225_v6xeon_e5_2470_v2xeon_e5_2640xeon_e3_1245_v2xeon_e5_2637_v4struxureware_data_center_expertxeon_e3_1285_v4xeon_e5_2630l_v2xeon_e5_2650_v3xeon_e3_1240_v3xeon_e5_2648l_v4xeon_e5_1660_v2xeon_e5_2403xeon_e3_1260lxeon_e5_2630m12-2_firmwarexeon_e5_2420xeon_e3_1125c_v2Most Modern Operating Systems
CVE-2018-3665
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-1.26% / 79.05%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 01:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

Action-Not Available
Vendor-Intel CorporationDebian GNU/LinuxFreeBSD FoundationRed Hat, Inc.Citrix (Cloud Software Group, Inc.)Canonical Ltd.
Product-core_m7ubuntu_linuxfreebsdxenservercore_m3debian_linuxenterprise_linux_desktopenterprise_linux_workstationcore_i5enterprise_linuxcore_mcore_i7core_m5core_i3Intel Core-based microprocessors
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Details not found