CVE-2005-0109

Published: 05/03/2005 Updated: 16/10/2018

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 5.6 | Impact Score: 4 | Exploitability Score: 1.1

VMScore: 418

Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freebsd freebsd 4.3
sco unixware 7.1.3
redhat enterprise linux 2.1
freebsd freebsd 4.1.1
freebsd freebsd 4.6
freebsd freebsd 5.3
freebsd freebsd 3.1
redhat enterprise linux 4.0
sco unixware 7.1.4
freebsd freebsd 3.0
freebsd freebsd 2.2.5
redhat enterprise linux desktop 3.0
freebsd freebsd 5.1
ubuntu ubuntu linux 4.1
freebsd freebsd 4.4
redhat enterprise linux 3.0
freebsd freebsd 4.8
freebsd freebsd 2.2.2
freebsd freebsd 4.7
freebsd freebsd 5.2.1
freebsd freebsd 5.0
freebsd freebsd 3.5
freebsd freebsd 2.2.3
freebsd freebsd 2.0.5
freebsd freebsd 4.5
ubuntu ubuntu linux 5.04
freebsd freebsd 1.1.5.1
freebsd freebsd 4.10
freebsd freebsd 4.2
freebsd freebsd 3.5.1
sun solaris 9.0
sco openserver 5.0.7
sun solaris 10.0
freebsd freebsd 4.11
freebsd freebsd 4.1
freebsd freebsd 2.2.8
freebsd freebsd 4.9
freebsd freebsd 2.1.6.1
freebsd freebsd 2.2
sun solaris 7.0
freebsd freebsd 5.2
freebsd freebsd 3.2
sco unixware 7.1.3 up
freebsd freebsd 2.2.4
freebsd freebsd 2.1.0
freebsd freebsd 2.2.6
freebsd freebsd 2.1.6
freebsd freebsd 5.4
freebsd freebsd 2.1.7.1
freebsd freebsd 4.0
freebsd freebsd 3.3
freebsd freebsd 3.4
redhat enterprise linux desktop 4.0
redhat fedora core core 3.0
freebsd freebsd 2.1.5
freebsd freebsd 4.6.2
sun solaris 8.0
freebsd freebsd 2.0

Synopsis openssl security update Type/Severity Security Advisory: Moderate Topic Updated OpenSSL packages that fix various security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description OpenSSL is a toolkit t ...

Synopsis openssl security update Type/Severity Security Advisory: Moderate Topic Updated OpenSSL packages that fix security issues are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description OpenSSL is a toolkit that impl ...

Colin Percival discovered an information disclosure in the “Hyper Threading Technology” architecture in processors which are capable of simultaneous multithreading (in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors) This allows a malicious thread to monitor the execution of another thread on the same CPU This co ...

NVD-CWE-Other http://www.securityfocus.com/bid/12724 http://www.daemonology.net/papers/htt.pdf http://www.daemonology.net/hyperthreading-considered-harmful/ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 http://www.kb.cert.org/vuls/id/911878 http://securitytracker.com/id?1013967 http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 http://secunia.com/advisories/15348 http://secunia.com/advisories/18165 http://www.redhat.com/support/errata/RHSA-2005-476.html http://www.redhat.com/support/errata/RHSA-2005-800.html http://www.vupen.com/english/advisories/2005/3002 http://www.vupen.com/english/advisories/2005/0540 http://marc.info/?l=freebsd-security&m=110994370429609&w=2 http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 https://access.redhat.com/errata/RHSA-2005:800 https://nvd.nist.gov https://usn.ubuntu.com/131-1/https://www.kb.cert.org/vuls/id/911878

CVE-2005-0109

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect