CVE-2004-0565
Advisory lineage Upstream: 0 Downstream: 5
Modified
Published: 08 Jul 2004, 04:00
Last modified:08 Aug 2024, 00:24
Vulnerability Summary
Overall Risk (default)
minimal
8/100 CVSS Score
2.1 LOW
v2.0 (nvd)
EPSS Score
0.11% LOW
0% probability +0.03%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
08 Jul 2004, 04:00
Published
Vulnerability first disclosed
08 Aug 2024, 00:24
Last Modified
Vulnerability information updated
Description
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
CVSS Metrics
- v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 0.11%• Percentile: 28%
Affected Systems
- linux•linux_kernel
2.4.0
- mandrakesoft•mandrake_linux
9.1 | 9.2 | 10.0
- mandrakesoft•mandrake_linux_corporate_server
2.1
- mandrakesoft•mandrake_multi_network_firewall
8.2
- trustix•secure_linux
2 | 2.0 | 2.1
References (15)
- http://secunia.com/advisories/20163
- http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
- http://www.debian.org/security/2006/dsa-1082
- http://www.debian.org/security/2006/dsa-1070
- http://secunia.com/advisories/20162
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714
- http://www.debian.org/security/2006/dsa-1067
- http://www.debian.org/security/2006/dsa-1069
- http://www.securityfocus.com/bid/10687
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:066
- http://secunia.com/advisories/20202
- http://www.redhat.com/support/errata/RHSA-2004-504.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16644
- http://secunia.com/advisories/20338