Published: 05/03/2005 Updated: 16/10/2018

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 5.6 | Impact Score: 4 | Exploitability Score: 1.1

VMScore: 418

Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freebsd freebsd 1.1.5.1
freebsd freebsd 2.0
freebsd freebsd 2.0.5
freebsd freebsd 3.0
freebsd freebsd 3.1
freebsd freebsd 3.2
freebsd freebsd 3.3
freebsd freebsd 4.1.1
freebsd freebsd 4.10
freebsd freebsd 4.4
freebsd freebsd 4.5
freebsd freebsd 4.7
freebsd freebsd 4.8
freebsd freebsd 5.1
freebsd freebsd 5.2
freebsd freebsd 5.2.1
freebsd freebsd 5.3
redhat enterprise linux 3.0
redhat enterprise linux 4.0
ubuntu ubuntu linux 4.1
ubuntu ubuntu linux 5.04
freebsd freebsd 2.1.5
freebsd freebsd 2.1.6.1
freebsd freebsd 2.2.4
freebsd freebsd 2.2.6
freebsd freebsd 3.4
freebsd freebsd 3.5.1
freebsd freebsd 4.1
freebsd freebsd 4.11
freebsd freebsd 4.2
freebsd freebsd 4.3
freebsd freebsd 4.6
freebsd freebsd 4.9
freebsd freebsd 5.4
redhat enterprise linux 2.1
redhat enterprise linux desktop 4.0
sco openserver 5.0.7
sun solaris 9.0
freebsd freebsd 2.1.7.1
freebsd freebsd 2.2
freebsd freebsd 2.2.2
freebsd freebsd 2.2.3
freebsd freebsd 3.5
freebsd freebsd 4.0
freebsd freebsd 4.6.2
freebsd freebsd 5.0
sco unixware 7.1.3
sco unixware 7.1.3_up
sco unixware 7.1.4
sun solaris 10.0
sun solaris 7.0
freebsd freebsd 2.1.0
freebsd freebsd 2.1.6
freebsd freebsd 2.2.5
freebsd freebsd 2.2.8
redhat enterprise linux desktop 3.0
redhat fedora core core_3.0
sun solaris 8.0

Synopsis openssl security update Type/Severity Security Advisory: Moderate Topic Updated OpenSSL packages that fix various security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description OpenSSL is a toolkit t ...

Synopsis openssl security update Type/Severity Security Advisory: Moderate Topic Updated OpenSSL packages that fix security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description OpenSSL is a toolkit that impl ...

Colin Percival discovered an information disclosure in the “Hyper Threading Technology” architecture in processors which are capable of simultaneous multithreading (in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors) This allows a malicious thread to monitor the execution of another thread on the same CPU This co ...

NVD-CWE-Other http://www.securityfocus.com/bid/12724 http://www.daemonology.net/papers/htt.pdf http://www.daemonology.net/hyperthreading-considered-harmful/ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 http://www.kb.cert.org/vuls/id/911878 http://securitytracker.com/id?1013967 http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://www.redhat.com/support/errata/RHSA-2005-476.html http://www.redhat.com/support/errata/RHSA-2005-800.html http://www.vupen.com/english/advisories/2005/3002 http://www.vupen.com/english/advisories/2005/0540 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2005:800 https://usn.ubuntu.com/131-1/https://www.kb.cert.org/vuls/id/911878

CVE-2005-0109

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect