Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2006-1056
Description:The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
Test IDs: 1.3.6.1.4.1.25623.1.0.56578  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2006-1056
BugTraq ID: 17600
http://www.securityfocus.com/bid/17600
Bugtraq: 20060419 FreeBSD Security Advisory FreeBSD-SA-06:14.fpu (Google Search)
http://www.securityfocus.com/archive/1/431341
Bugtraq: 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (Google Search)
http://www.securityfocus.com/archive/1/451419/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue (Google Search)
http://www.securityfocus.com/archive/1/451421/100/0/threaded
Debian Security Information: DSA-1097 (Google Search)
http://www.debian.org/security/2006/dsa-1097
Debian Security Information: DSA-1103 (Google Search)
http://www.debian.org/security/2006/dsa-1103
http://lwn.net/Alerts/180820/
FreeBSD Security Advisory: FreeBSD-SA-06:14
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt
http://marc.info/?l=linux-kernel&m=114548768214478&w=2
http://www.osvdb.org/24746
http://www.osvdb.org/24807
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995
RedHat Security Advisories: RHSA-2006:0437
http://www.redhat.com/support/errata/RHSA-2006-0437.html
RedHat Security Advisories: RHSA-2006:0575
http://www.redhat.com/support/errata/RHSA-2006-0575.html
RedHat Security Advisories: RHSA-2006:0579
http://www.redhat.com/support/errata/RHSA-2006-0579.html
http://securitytracker.com/id?1015966
http://secunia.com/advisories/19715
http://secunia.com/advisories/19724
http://secunia.com/advisories/19735
http://secunia.com/advisories/20398
http://secunia.com/advisories/20671
http://secunia.com/advisories/20716
http://secunia.com/advisories/20914
http://secunia.com/advisories/21035
http://secunia.com/advisories/21136
http://secunia.com/advisories/21465
http://secunia.com/advisories/21983
http://secunia.com/advisories/22417
http://secunia.com/advisories/22875
http://secunia.com/advisories/22876
SuSE Security Announcement: SUSE-SA:2006:028 (Google Search)
http://www.novell.com/linux/security/advisories/2006-05-31.html
SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://www.ubuntu.com/usn/usn-302-1
http://www.vupen.com/english/advisories/2006/1426
http://www.vupen.com/english/advisories/2006/1475
http://www.vupen.com/english/advisories/2006/2554
http://www.vupen.com/english/advisories/2006/4353
http://www.vupen.com/english/advisories/2006/4502
XForce ISS Database: amd-fpu-information-disclosure(25871)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871




© 1998-2021 E-Soft Inc. All rights reserved.