Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-1056
HistoryApr 20, 2006 - 10:02 a.m.

CVE-2006-1056

2006-04-2010:02:00
CWE-310
[email protected]
web.nvd.nist.gov
43
linux kernel
freebsd kernel
amd64 processors
sensitive information
cryptographic keys
information security
cve-2006-1056

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.7%

JSON

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Affected configurations

NVD
Node
freebsdfreebsd
OR
linuxlinux_kernelRange2.6.16.8
OR
linuxlinux_kernelMatch2.6.0
OR
linuxlinux_kernelMatch2.6.0test1
OR
linuxlinux_kernelMatch2.6.0test10
OR
linuxlinux_kernelMatch2.6.0test11
OR
linuxlinux_kernelMatch2.6.0test2
OR
linuxlinux_kernelMatch2.6.0test3
OR
linuxlinux_kernelMatch2.6.0test4
OR
linuxlinux_kernelMatch2.6.0test5
OR
linuxlinux_kernelMatch2.6.0test6
OR
linuxlinux_kernelMatch2.6.0test7
OR
linuxlinux_kernelMatch2.6.0test8
OR
linuxlinux_kernelMatch2.6.0test9
OR
linuxlinux_kernelMatch2.6.1
OR
linuxlinux_kernelMatch2.6.1rc1
OR
linuxlinux_kernelMatch2.6.1rc2
OR
linuxlinux_kernelMatch2.6.1rc3
OR
linuxlinux_kernelMatch2.6.2
OR
linuxlinux_kernelMatch2.6.2rc1
OR
linuxlinux_kernelMatch2.6.2rc2
OR
linuxlinux_kernelMatch2.6.2rc3
OR
linuxlinux_kernelMatch2.6.3
OR
linuxlinux_kernelMatch2.6.3rc1
OR
linuxlinux_kernelMatch2.6.3rc2
OR
linuxlinux_kernelMatch2.6.3rc3
OR
linuxlinux_kernelMatch2.6.3rc4
OR
linuxlinux_kernelMatch2.6.4
OR
linuxlinux_kernelMatch2.6.4rc1
OR
linuxlinux_kernelMatch2.6.4rc2
OR
linuxlinux_kernelMatch2.6.4rc3
OR
linuxlinux_kernelMatch2.6.5
OR
linuxlinux_kernelMatch2.6.5rc1
OR
linuxlinux_kernelMatch2.6.5rc2
OR
linuxlinux_kernelMatch2.6.5rc3
OR
linuxlinux_kernelMatch2.6.6
OR
linuxlinux_kernelMatch2.6.6rc1
OR
linuxlinux_kernelMatch2.6.6rc2
OR
linuxlinux_kernelMatch2.6.6rc3
OR
linuxlinux_kernelMatch2.6.7
OR
linuxlinux_kernelMatch2.6.7rc1
OR
linuxlinux_kernelMatch2.6.7rc2
OR
linuxlinux_kernelMatch2.6.7rc3
OR
linuxlinux_kernelMatch2.6.8
OR
linuxlinux_kernelMatch2.6.8rc1
OR
linuxlinux_kernelMatch2.6.8rc2
OR
linuxlinux_kernelMatch2.6.8rc3
OR
linuxlinux_kernelMatch2.6.8rc4
OR
linuxlinux_kernelMatch2.6.9
OR
linuxlinux_kernelMatch2.6.92.6.20
OR
linuxlinux_kernelMatch2.6.9rc1
OR
linuxlinux_kernelMatch2.6.9rc2
OR
linuxlinux_kernelMatch2.6.9rc3
OR
linuxlinux_kernelMatch2.6.9rc4
OR
linuxlinux_kernelMatch2.6.10
OR
linuxlinux_kernelMatch2.6.10rc1
OR
linuxlinux_kernelMatch2.6.10rc2
OR
linuxlinux_kernelMatch2.6.10rc3
OR
linuxlinux_kernelMatch2.6.11
OR
linuxlinux_kernelMatch2.6.11rc1
OR
linuxlinux_kernelMatch2.6.11rc2
OR
linuxlinux_kernelMatch2.6.11rc3
OR
linuxlinux_kernelMatch2.6.11rc4
OR
linuxlinux_kernelMatch2.6.11rc5
OR
linuxlinux_kernelMatch2.6.11.1
OR
linuxlinux_kernelMatch2.6.11.2
OR
linuxlinux_kernelMatch2.6.11.3
OR
linuxlinux_kernelMatch2.6.11.4
OR
linuxlinux_kernelMatch2.6.11.5
OR
linuxlinux_kernelMatch2.6.11.6
OR
linuxlinux_kernelMatch2.6.11.7
OR
linuxlinux_kernelMatch2.6.11.8
OR
linuxlinux_kernelMatch2.6.11.9
OR
linuxlinux_kernelMatch2.6.11.10
OR
linuxlinux_kernelMatch2.6.11.11
OR
linuxlinux_kernelMatch2.6.11.12
OR
linuxlinux_kernelMatch2.6.12rc1
OR
linuxlinux_kernelMatch2.6.12rc2
OR
linuxlinux_kernelMatch2.6.12rc3
OR
linuxlinux_kernelMatch2.6.12rc4
OR
linuxlinux_kernelMatch2.6.12rc5
OR
linuxlinux_kernelMatch2.6.12rc6
OR
linuxlinux_kernelMatch2.6.12.1
OR
linuxlinux_kernelMatch2.6.12.2
OR
linuxlinux_kernelMatch2.6.12.3
OR
linuxlinux_kernelMatch2.6.12.4
OR
linuxlinux_kernelMatch2.6.12.5
OR
linuxlinux_kernelMatch2.6.12.6
OR
linuxlinux_kernelMatch2.6.13
OR
linuxlinux_kernelMatch2.6.13rc1
OR
linuxlinux_kernelMatch2.6.13rc2
OR
linuxlinux_kernelMatch2.6.13rc3
OR
linuxlinux_kernelMatch2.6.13rc4
OR
linuxlinux_kernelMatch2.6.13rc5
OR
linuxlinux_kernelMatch2.6.13rc6
OR
linuxlinux_kernelMatch2.6.13rc7
OR
linuxlinux_kernelMatch2.6.13.1
OR
linuxlinux_kernelMatch2.6.13.2
OR
linuxlinux_kernelMatch2.6.13.3
OR
linuxlinux_kernelMatch2.6.13.4
OR
linuxlinux_kernelMatch2.6.14
OR
linuxlinux_kernelMatch2.6.14rc1
OR
linuxlinux_kernelMatch2.6.14rc2
OR
linuxlinux_kernelMatch2.6.14rc3
OR
linuxlinux_kernelMatch2.6.14rc4
OR
linuxlinux_kernelMatch2.6.14rc5
OR
linuxlinux_kernelMatch2.6.14.1
OR
linuxlinux_kernelMatch2.6.14.2
OR
linuxlinux_kernelMatch2.6.14.3
OR
linuxlinux_kernelMatch2.6.14.4
OR
linuxlinux_kernelMatch2.6.14.5
OR
linuxlinux_kernelMatch2.6.14.6
OR
linuxlinux_kernelMatch2.6.14.7
OR
linuxlinux_kernelMatch2.6.15
OR
linuxlinux_kernelMatch2.6.15rc1
OR
linuxlinux_kernelMatch2.6.15rc3
OR
linuxlinux_kernelMatch2.6.15rc4
OR
linuxlinux_kernelMatch2.6.15rc5
OR
linuxlinux_kernelMatch2.6.15rc6
OR
linuxlinux_kernelMatch2.6.15rc7
OR
linuxlinux_kernelMatch2.6.15.1
OR
linuxlinux_kernelMatch2.6.15.2
OR
linuxlinux_kernelMatch2.6.15.3
OR
linuxlinux_kernelMatch2.6.15.4
OR
linuxlinux_kernelMatch2.6.15.5
OR
linuxlinux_kernelMatch2.6.15.6
OR
linuxlinux_kernelMatch2.6.15.7
OR
linuxlinux_kernelMatch2.6.16
OR
linuxlinux_kernelMatch2.6.16rc1
OR
linuxlinux_kernelMatch2.6.16rc2
OR
linuxlinux_kernelMatch2.6.16rc3
OR
linuxlinux_kernelMatch2.6.16rc4
OR
linuxlinux_kernelMatch2.6.16rc5
OR
linuxlinux_kernelMatch2.6.16rc6
OR
linuxlinux_kernelMatch2.6.16.1
OR
linuxlinux_kernelMatch2.6.16.2
OR
linuxlinux_kernelMatch2.6.16.3
OR
linuxlinux_kernelMatch2.6.16.4
OR
linuxlinux_kernelMatch2.6.16.5
OR
linuxlinux_kernelMatch2.6.16.6
OR
linuxlinux_kernelMatch2.6.16.7
OR
linuxlinux_kernelMatch2.6.16_rc7
OR
linuxlinux_kernelMatch2.6_test9_cvs

References

Related

securityvulns 7
prion 2
openvas 9
freebsd_advisory 1
ubuntucve 2
freebsd 1
nvd 2
cvelist 2
cve 1
xen 1
debiancve 1
nessus 14
redhat 3
centos 3
vmware 1
osv 2
debian 2
suse 2
ubuntu 1
securityvulns
securityvulns
VMSA-2006-0009 - VMware ESX Server 3.0.0 AMD fxsave/restore issue
2006-11-14 00:00:00
FreeBSD Security Advisory FreeBSD-SA-06:14.fpu
2006-04-19 00:00:00
ChangeLog-2.6.16.9
2006-04-19 00:00:00
prion
prion
Design/Logic Flaw
2006-04-20 10:02:00
Design/Logic Flaw
2013-08-28 21:55:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-06:14.fpu.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-06:14.fpu.asc)
2008-09-04 00:00:00
Debian Security Advisory DSA 1097-1 (kernel-source-2.4.27)
2008-01-17 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:14.fpu
2006-04-19 00:00:00
ubuntucve
ubuntucve
CVE-2006-1056
2006-04-20 00:00:00
CVE-2013-2076
2013-08-28 00:00:00
freebsd
freebsd
FreeBSD -- FPU information disclosure
2006-04-19 00:00:00
nvd
nvd
CVE-2006-1056
2006-04-20 10:02:00
CVE-2013-2076
2013-08-28 21:55:08
cvelist
cvelist
CVE-2006-1056
2006-04-20 10:00:00
CVE-2013-2076
2013-08-28 17:00:00
cve
cve
CVE-2013-2076
2013-08-28 21:55:08
xen
xen
Information leak on XSAVE/XRSTOR capable AMD CPUs
2013-06-03 12:00:00
debiancve
debiancve
CVE-2013-2076
2013-08-28 21:55:08
nessus
nessus
OracleVM 3.2 : xen (OVMSA-2013-0042)
2014-11-26 00:00:00
OracleVM 3.1 : xen (OVMSA-2013-0043)
2014-11-26 00:00:00
Fedora Core 5 : kernel-2.6.16-1.2096_FC5 (2006-421)
2006-04-21 00:00:00
redhat
redhat
(RHSA-2006:0579) kernel security update
2006-07-13 00:00:00
(RHSA-2006:0437) Updated kernel packages for Red Hat Enterprise Linux 3 Update 8
2006-07-20 09:25:51
(RHSA-2006:0575) Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4
2006-08-10 00:00:00
centos
centos
kernel security update
2006-07-17 05:19:27
kernel security update
2006-07-20 16:09:23
kernel security update
2006-08-24 00:20:09
vmware
vmware
Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.
2007-07-05 00:00:00
osv
osv
kernel-source-2.4.27 - several vulnerabilities
2006-06-14 00:00:00
kernel-source-2.6.8 - several vulnerabilities
2006-06-27 00:00:00
debian
debian
[SECURITY] [DSA 1097-1] New Kernel 2.4.27 packages fix several vulnerabilities
2006-06-14 17:55:23
[SECURITY] [DSA 1103-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
2006-06-27 05:00:01
suse
suse
remote denial of service in kernel
2006-05-31 15:47:21
Security update for Xen (important)
2014-03-25 23:04:15
ubuntu
ubuntu
Linux kernel vulnerabilities
2006-06-15 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.7%

JSON
Related for CVE-2006-1056
securityvulns7prion2openvas9freebsd_advisory1ubuntucve2freebsd1nvd2cvelist2cve1xen1debiancve1nessus14redhat3centos3vmware1osv2debian2suse2ubuntu1