CVE-2006-1056

FreeBSD and Linux Kernel - Information Disclosure via x87 Register State Leakage

Title source: llm
STIX 2.1

Description

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

References (50)

Core 50
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0437.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22876
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19735
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4502
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2554
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0579.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20716
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22875
Various Sources vendor-advisory x_refsource_fedora
http://lwn.net/Alerts/180820/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21136
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-302-1
Various Sources x_refsource_confirm
http://kb.vmware.com/kb/2533126
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24746
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24807
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21983
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4353
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21035
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1097
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2006-0575.html
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006-05-31.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451421/100/0/threaded
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1426
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19715
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015966
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431341
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17600
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1103
Various Sources vendor-advisory x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21465
Mailing List mailing-list x_refsource_mlist
http://marc.info/?l=linux-kernel&m=114548768214478&w=2
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1475
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20398
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22417
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19724
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20671
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451419/100/200/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20914

Scores

EPSS 0.0006
EPSS Percentile 18.9%

Details

CWE
CWE-310
Status published
Products (11)
freebsd/freebsd
linux/linux_kernel 2.6.0 (12 CPE variants)
linux/linux_kernel 2.6.1 (4 CPE variants)
linux/linux_kernel 2.6.2 (4 CPE variants)
linux/linux_kernel 2.6.3 (5 CPE variants)
linux/linux_kernel 2.6.4 (4 CPE variants)
linux/linux_kernel 2.6.5 (4 CPE variants)
linux/linux_kernel 2.6.6 (4 CPE variants)
linux/linux_kernel 2.6.7 (4 CPE variants)
linux/linux_kernel 2.6.8 (5 CPE variants)
... and 1 more
Published Apr 20, 2006
Tracked Since Feb 18, 2026