CVE-2005-0109

7 documents7 sources
Severity
5.6MEDIUM
EPSS
0.1%
top 65.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Freebsd FreebsdRedhat Enterprise LinuxRedhat Enterprise Linux Desktop+5 more
Timeline
PublishedMar 5
Latest updateMay 3

Description

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 1.1 | Impact: 4.0

Affected Packages5 packages

NVDsun/solaris4 versions+3
NVDsco/unixware7.1.3, 7.1.3_up, 7.1.4+2
NVDsco/openserver5.0.7
NVDredhat/fedora_corecore_3.0

Also affects: Freebsd 1.1.5.1, 2.0, 2.0.5, 2.1.0, 2.1.5, 2.1.6, 2.1.6.1, 2.1.7.1, 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.5.1, 4.0, 4.1, 4.1.1, 4.10, 4.11, 4.2, 4.3, 4.4, 4.5, 4.6, 4.6.2, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.2.1, 5.3, 5.4, Ubuntu Linux 4.1, 5.04, Enterprise Linux 2.1, 3.0, 4.0

Patches

Patch: securitytracker.comPatch: www.securityfocus.comPatch: securitytracker.com

🔴Vulnerability Details

2
GHSA
GHSA-3h63-pxm6-2x4m: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to u2022-05-03
CVEList
CVE-2005-0109: Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to u2005-03-08

📋Vendor Advisories

2
Ubuntu
Linux kernel vulnerabilities2005-05-23
Red Hat
security flaw2005-05-13

💬Community

1
Bugzilla
CVE-2005-0109 security flaw2018-08-16
CVE-2005-0109 (MEDIUM CVSS 5.6) | Hyper-Threading technology | cvebase.io