CVE-2004-0565
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.7 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| mandrakesoft:mandrake_multi_network_firewall | mandrakesoft mandrake multi network firewall | eq | 8.2 |
References
archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html
secunia.com/advisories/20162
secunia.com/advisories/20163
secunia.com/advisories/20202
secunia.com/advisories/20338
www.debian.org/security/2006/dsa-1067
www.debian.org/security/2006/dsa-1069
www.debian.org/security/2006/dsa-1070
www.debian.org/security/2006/dsa-1082
www.mandriva.com/security/advisories?name=MDKSA-2004:066
www.redhat.com/support/errata/RHSA-2004-504.html
www.securityfocus.com/bid/10687
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734
exchange.xforce.ibmcloud.com/vulnerabilities/16644
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
5.7 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%