CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

🔗 References (30)

• cve@mitrehttp://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
• cve@mitrehttp://secunia.com/advisories/20162
• cve@mitrehttp://secunia.com/advisories/20163
• cve@mitrehttp://secunia.com/advisories/20202
• cve@mitrehttp://secunia.com/advisories/20338
• cve@mitrehttp://www.debian.org/security/2006/dsa-1067
• cve@mitrehttp://www.debian.org/security/2006/dsa-1069
• cve@mitrehttp://www.debian.org/security/2006/dsa-1070
• cve@mitrehttp://www.debian.org/security/2006/dsa-1082
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDKSA-2004:066
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2004-504.html
• cve@mitrehttp://www.securityfocus.com/bid/10687
• cve@mitrehttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/16644
• cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714