CVE-2004-0565

5 documents5 sources

Severity

2.1LOW

EPSS

0.1%

top 71.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Mandrakesoft Mandrake Linux Mandrakesoft Mandrake Linux Corporate Server +2 more

Timeline

PublishedDec 6

Latest updateApr 29

Description

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages5 packages

▶NVDlinux/linux_kernel2.4.0

▶NVDtrustix/secure_linux2, 2.0, 2.1+2

▶NVDmandrakesoft/mandrake_linux10.0, 9.1, 9.2+2

▶NVDmandrakesoft/mandrake_linux_corporate_server2.1

▶NVDmandrakesoft/mandrake_multi_network_firewall8.2

🔴Vulnerability Details

GHSA

GHSA-g33f-v4ch-cw4g: Floating point information leak in the context switch code for Linux 2↗2022-04-29

▶

CVEList

CVE-2004-0565: Floating point information leak in the context switch code for Linux 2↗2004-07-08

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-05-28

▶

💬Community

Bugzilla

CVE-2004-0565 security flaw↗2018-08-16

▶