CVE-2005-0109
published 2005-03-05CVE-2005-0109: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a…
PriorityP412medium5.6CVSS 3.0
AVLACHPRLUINSCCHINAN
EPSS
0.51%
39.3th percentile
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Affected
58 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
| freebsd | freebsd | — | — |
CVSS provenance
nvdv3.05.6MEDIUMCVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
nvdv2.04.7MEDIUMAV:L/AC:M/Au:N/C:C/I:N/A:N
vendor_redhat5.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2005-05-23
CVE-2005-1368 Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Colin Percival discovered an information disclosure in the "Hyper
Threading Technology" architecture in processors which are capable of
simultaneous multithreading (in particular Intel Pentium 4, Intel
Mobile Pentium 4, and Intel Xeon processors). This allows a malicious
thread to monitor the execution of another thread on the same CPU.
This could be exploited to steal cryptographic keys, passwords, or
other arbitrary data from unrelated processes. Since it is not
possible to provide a safe patch in a short time, HyperThreading has
been disabled in the updated kernel packages for now. You can manually
enable HyperThreading again by passing the kernel parameter "ht=on" at
boot. (CAN-2005-0109)
A Denial of Service v
Red Hat
security flaw
vendor_redhat·2005-05-13·CVSS 5.6
CVE-2005-0109 [MEDIUM] security flaw
security flaw
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
GHSA
GHSA-3h63-pxm6-2x4m: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to u
ghsa_unreviewed·2022-05-03
CVE-2005-0109 [MEDIUM] GHSA-3h63-pxm6-2x4m: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to u
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
No detection rules found.
No public exploits indexed.
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txthttp://marc.info/?l=freebsd-hackers&m=110994026421858&w=2http://marc.info/?l=freebsd-security&m=110994370429609&w=2http://marc.info/?l=openbsd-misc&m=110995101417256&w=2http://secunia.com/advisories/15348http://secunia.com/advisories/18165http://securitytracker.com/id?1013967http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754http://www.daemonology.net/hyperthreading-considered-harmful/http://www.daemonology.net/papers/htt.pdfhttp://www.kb.cert.org/vuls/id/911878http://www.redhat.com/support/errata/RHSA-2005-476.htmlhttp://www.redhat.com/support/errata/RHSA-2005-800.htmlhttp://www.securityfocus.com/bid/12724http://www.vupen.com/english/advisories/2005/0540http://www.vupen.com/english/advisories/2005/3002https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txthttp://marc.info/?l=freebsd-hackers&m=110994026421858&w=2http://marc.info/?l=freebsd-security&m=110994370429609&w=2http://marc.info/?l=openbsd-misc&m=110995101417256&w=2http://secunia.com/advisories/15348http://secunia.com/advisories/18165http://securitytracker.com/id?1013967http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754http://www.daemonology.net/hyperthreading-considered-harmful/http://www.daemonology.net/papers/htt.pdfhttp://www.kb.cert.org/vuls/id/911878http://www.redhat.com/support/errata/RHSA-2005-476.htmlhttp://www.redhat.com/support/errata/RHSA-2005-800.htmlhttp://www.securityfocus.com/bid/12724http://www.vupen.com/english/advisories/2005/0540http://www.vupen.com/english/advisories/2005/3002https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
2005-03-05
Published