Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-1056

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Published

2006-04-20T10:02:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 2.1 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-310

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	freebsd	freebsd	*	Yes
Operating System	linux	linux_kernel	≤ 2.6.16.8	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.0	Yes
Operating System	linux	linux_kernel	2.6.1	Yes
Operating System	linux	linux_kernel	2.6.1	Yes
Operating System	linux	linux_kernel	2.6.1	Yes
Operating System	linux	linux_kernel	2.6.1	Yes
Operating System	linux	linux_kernel	2.6.2	Yes
Operating System	linux	linux_kernel	2.6.2	Yes
Operating System	linux	linux_kernel	2.6.2	Yes
Operating System	linux	linux_kernel	2.6.2	Yes
Operating System	linux	linux_kernel	2.6.3	Yes
Operating System	linux	linux_kernel	2.6.3	Yes
Operating System	linux	linux_kernel	2.6.3	Yes
Operating System	linux	linux_kernel	2.6.3	Yes
Operating System	linux	linux_kernel	2.6.3	Yes
Operating System	linux	linux_kernel	2.6.4	Yes
Operating System	linux	linux_kernel	2.6.4	Yes
Operating System	linux	linux_kernel	2.6.4	Yes
Operating System	linux	linux_kernel	2.6.4	Yes
Operating System	linux	linux_kernel	2.6.5	Yes
Operating System	linux	linux_kernel	2.6.5	Yes
Operating System	linux	linux_kernel	2.6.5	Yes
Operating System	linux	linux_kernel	2.6.5	Yes
Operating System	linux	linux_kernel	2.6.6	Yes
Operating System	linux	linux_kernel	2.6.6	Yes
Operating System	linux	linux_kernel	2.6.6	Yes
Operating System	linux	linux_kernel	2.6.6	Yes
Operating System	linux	linux_kernel	2.6.7	Yes
Operating System	linux	linux_kernel	2.6.7	Yes
Operating System	linux	linux_kernel	2.6.7	Yes
Operating System	linux	linux_kernel	2.6.7	Yes
Operating System	linux	linux_kernel	2.6.8	Yes
Operating System	linux	linux_kernel	2.6.8	Yes
Operating System	linux	linux_kernel	2.6.8	Yes
Operating System	linux	linux_kernel	2.6.8	Yes
Operating System	linux	linux_kernel	2.6.8	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.9	Yes
Operating System	linux	linux_kernel	2.6.10	Yes
Operating System	linux	linux_kernel	2.6.10	Yes
Operating System	linux	linux_kernel	2.6.10	Yes
Operating System	linux	linux_kernel	2.6.10	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11	Yes
Operating System	linux	linux_kernel	2.6.11.1	Yes
Operating System	linux	linux_kernel	2.6.11.2	Yes
Operating System	linux	linux_kernel	2.6.11.3	Yes
Operating System	linux	linux_kernel	2.6.11.4	Yes
Operating System	linux	linux_kernel	2.6.11.5	Yes
Operating System	linux	linux_kernel	2.6.11.6	Yes
Operating System	linux	linux_kernel	2.6.11.7	Yes
Operating System	linux	linux_kernel	2.6.11.8	Yes
Operating System	linux	linux_kernel	2.6.11.9	Yes
Operating System	linux	linux_kernel	2.6.11.10	Yes
Operating System	linux	linux_kernel	2.6.11.11	Yes
Operating System	linux	linux_kernel	2.6.11.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12	Yes
Operating System	linux	linux_kernel	2.6.12.1	Yes
Operating System	linux	linux_kernel	2.6.12.2	Yes
Operating System	linux	linux_kernel	2.6.12.3	Yes
Operating System	linux	linux_kernel	2.6.12.4	Yes
Operating System	linux	linux_kernel	2.6.12.5	Yes
Operating System	linux	linux_kernel	2.6.12.6	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13	Yes
Operating System	linux	linux_kernel	2.6.13.1	Yes
Operating System	linux	linux_kernel	2.6.13.2	Yes
Operating System	linux	linux_kernel	2.6.13.3	Yes
Operating System	linux	linux_kernel	2.6.13.4	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14	Yes
Operating System	linux	linux_kernel	2.6.14.1	Yes
Operating System	linux	linux_kernel	2.6.14.2	Yes
Operating System	linux	linux_kernel	2.6.14.3	Yes
Operating System	linux	linux_kernel	2.6.14.4	Yes
Operating System	linux	linux_kernel	2.6.14.5	Yes
Operating System	linux	linux_kernel	2.6.14.6	Yes
Operating System	linux	linux_kernel	2.6.14.7	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15	Yes
Operating System	linux	linux_kernel	2.6.15.1	Yes
Operating System	linux	linux_kernel	2.6.15.2	Yes
Operating System	linux	linux_kernel	2.6.15.3	Yes
Operating System	linux	linux_kernel	2.6.15.4	Yes
Operating System	linux	linux_kernel	2.6.15.5	Yes
Operating System	linux	linux_kernel	2.6.15.6	Yes
Operating System	linux	linux_kernel	2.6.15.7	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16	Yes
Operating System	linux	linux_kernel	2.6.16.1	Yes
Operating System	linux	linux_kernel	2.6.16.2	Yes
Operating System	linux	linux_kernel	2.6.16.3	Yes
Operating System	linux	linux_kernel	2.6.16.4	Yes
Operating System	linux	linux_kernel	2.6.16.5	Yes
Operating System	linux	linux_kernel	2.6.16.6	Yes
Operating System	linux	linux_kernel	2.6.16.7	Yes
Operating System	linux	linux_kernel	2.6.16_rc7	Yes
Operating System	linux	linux_kernel	2.6_test9_cvs	Yes

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc ([email protected])
http://kb.vmware.com/kb/2533126 ([email protected])
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html ([email protected])
http://lwn.net/Alerts/180820/ ([email protected])
http://marc.info/?l=linux-kernel&m=114548768214478&w=2 ([email protected])
http://secunia.com/advisories/19715 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/19724 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/19735 Vendor Advisory ([email protected])
http://secunia.com/advisories/20398 Vendor Advisory ([email protected])
http://secunia.com/advisories/20671 Vendor Advisory ([email protected])
http://secunia.com/advisories/20716 Vendor Advisory ([email protected])
http://secunia.com/advisories/20914 Vendor Advisory ([email protected])
http://secunia.com/advisories/21035 Vendor Advisory ([email protected])
http://secunia.com/advisories/21136 Vendor Advisory ([email protected])
http://secunia.com/advisories/21465 Vendor Advisory ([email protected])
http://secunia.com/advisories/21983 Vendor Advisory ([email protected])
http://secunia.com/advisories/22417 Vendor Advisory ([email protected])
http://secunia.com/advisories/22875 Vendor Advisory ([email protected])
http://secunia.com/advisories/22876 Vendor Advisory ([email protected])
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt ([email protected])
http://securitytracker.com/id?1015966 ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm ([email protected])
http://www.debian.org/security/2006/dsa-1097 ([email protected])
http://www.debian.org/security/2006/dsa-1103 ([email protected])
http://www.novell.com/linux/security/advisories/2006-05-31.html ([email protected])
http://www.osvdb.org/24746 ([email protected])
http://www.osvdb.org/24807 ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0437.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0575.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2006-0579.html ([email protected])
http://www.securityfocus.com/archive/1/431341 ([email protected])
http://www.securityfocus.com/archive/1/451404/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/451417/100/200/threaded ([email protected])
http://www.securityfocus.com/archive/1/451419/100/200/threaded ([email protected])
http://www.securityfocus.com/archive/1/451421/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/17600 Patch ([email protected])
http://www.ubuntu.com/usn/usn-302-1 ([email protected])
http://www.vmware.com/download/esx/esx-213-200610-patch.html ([email protected])
http://www.vmware.com/download/esx/esx-254-200610-patch.html ([email protected])
http://www.vupen.com/english/advisories/2006/1426 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/1475 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/2554 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/4353 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/4502 Vendor Advisory ([email protected])
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910 ([email protected])
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995 ([email protected])
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:14.fpu.asc (af854a3a-2127-422b-91ae-364da2661108)
http://kb.vmware.com/kb/2533126 (af854a3a-2127-422b-91ae-364da2661108)
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.9 (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html (af854a3a-2127-422b-91ae-364da2661108)
http://lwn.net/Alerts/180820/ (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=linux-kernel&m=114548768214478&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19715 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19724 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/19735 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20398 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20671 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20716 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20914 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21035 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21136 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21465 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21983 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22417 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22875 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22876 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.freebsd.org/advisories/FreeBSD-SA-06:14-amd.txt (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1015966 (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1097 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1103 (af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006-05-31.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/24746 (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/24807 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0437.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0575.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2006-0579.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/431341 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/451404/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/451417/100/200/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/451419/100/200/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/451421/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/17600 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-302-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/download/esx/esx-213-200610-patch.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/download/esx/esx-254-200610-patch.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/1426 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/1475 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/2554 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4353 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4502 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187910 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187911 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25871 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9995 (af854a3a-2127-422b-91ae-364da2661108)