CVE-2005-0109

Current Description

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.

Basic Data

Published: March 05, 2005
Last Modified: October 16, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:M/Au:N/C:C/I:N/A:N
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: COMPLETE
CVSS 2 - Availability Impact: NONE
CVSS 2 - Base Score: 4.7
Severity: MEDIUM
Exploitability Score: 3.4
Impact Score: 6.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

CVSS 3 - Version: 3.0
CVSS 3 - Vector String: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVSS 3 - Attack Vector: LOCAL
CVSS 3 - Attack Complexity: HIGH
CVSS 3 - Privileges Required: LOW
CVSS 3 - User Interaction: NONE
CVSS 3 - Scope: CHANGED
CVSS 3 - Confidentiality Impact: HIGH
CVSS 3 - Integrity Impact: NONE
CVSS 3 - Availability Impact: NONE
CVSS 3 - Base Score: 5.6
CVSS 3 - Base Severity: MEDIUM
Exploitability Score: 1.1
Base Severity: MEDIUM

Configurations

  • OR - Configuration 1
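    Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
    2.3 | OS | Freebsd | Freebsd | 1.1.5.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.0 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.0.5 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.1.0 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.1.5 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.1.6 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.1.6.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.1.7.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.3 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.4 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.5 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.6 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 2.2.8 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.0 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.0 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.3 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.4 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.5 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.5 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.5.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.5.1 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 3.5.1 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.0 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.0 | alpha | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.0 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.1.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.1.1 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.1.1 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.2 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.3 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.3 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.3 | release_p38 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.3 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.3 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.4 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.4 | release_p42 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.4 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.4 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.5 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.5 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.5 | release_p32 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.5 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.5 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6 | release_p20 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.6.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.7 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.7 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.7 | release_p17 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.7 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.7 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.8 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.8 | pre-release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.8 | release_p6 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.8 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.9 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.9 | pre-release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.9 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.10 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.10 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.10 | release_p8 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.10 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.11 | release_p3 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.11 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 4.11 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.0 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.0 | alpha | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.0 | release_p14 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.0 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.1 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.1 | alpha | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.1 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.1 | release_p5 | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.1 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.2 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.2.1 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.2.1 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.3 | * | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.3 | release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.3 | releng | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.3 | stable | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.4 | pre-release | * | * | * | * | * | *
    2.3 | OS | Freebsd | Freebsd | 5.4 | release | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | advanced_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | advanced_server_ia64 | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | enterprise_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | enterprise_server_ia64 | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | workstation | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 2.1 | * | workstation_ia64 | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 3.0 | * | advanced_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 3.0 | * | enterprise_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 3.0 | * | workstation_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 4.0 | * | advanced_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 4.0 | * | enterprise_server | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux | 4.0 | * | workstation | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Desktop | 3.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Enterprise Linux Desktop | 4.0 | * | * | * | * | * | * | *
    2.3 | OS | Redhat | Fedora Core | core_3.0 | * | * | * | * | * | * | *
    2.3 | OS | Sco | Openserver | 5.0.7 | * | * | * | * | * | * | *
    2.3 | OS | Sco | Unixware | 7.1.3 | * | * | * | * | * | * | *
    2.3 | OS | Sco | Unixware | 7.1.3_up | * | * | * | * | * | * | *
    2.3 | OS | Sco | Unixware | 7.1.4 | * | * | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 7.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 8.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 9.0 | * | x86 | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 9.0 | x86_update_2 | * | * | * | * | * | *
    2.3 | OS | Sun | Solaris | 10.0 | * | sparc | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 4.1 | * | ia64 | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 4.1 | * | ppc | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 5.04 | * | amd64 | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 5.04 | * | i386 | * | * | * | * | *
    2.3 | OS | Ubuntu | Ubuntu Linux | 5.04 | * | powerpc | * | * | * | * | *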

Vulnerable Software List

Vendor | Product | Versions
Freebsd | Freebsd | 1.1.5.1, 2.0, 2.0.5, 2.1.0, 2.1.5, 2.1.6, 2.1.6.1, 2.1.7.1, 2.2, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.5.1, 4.0, 4.1, 4.1.1, 4.10, 4.11, 4.2, 4.3, 4.4, 4.5, 4.6, 4.6.2, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.2.1, 5.3, 5.4
Redhat | Enterprise Linux | 2.1, 3.0, 4.0
Redhat | Enterprise Linux Desktop | 3.0, 4.0
Redhat | Fedora Core | core_3.0
Ubuntu | Ubuntu Linux | 4.1, 5.04
Sun | Solaris | 10.0, 7.0, 8.0, 9.0
Sco | Openserver | 5.0.7
Sco | Unixware | 7.1.3, 7.1.3_up, 7.1.4

References

Name | Source | URL | Tags
SCOSA-2005.24 | SCO | ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt | Third Party Advisory
[freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff | MLIST | http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2 | Mailing List
[freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff] | MLIST | http://marc.info/?l=freebsd-security&m=110994370429609&w=2 | Mailing List
[openbsd-misc] 20050304 Re: FreeBSD hiding security stuff | MLIST | http://marc.info/?l=openbsd-misc&m=110995101417256&w=2 | Mailing List
15348 | SECUNIA | http://secunia.com/advisories/15348 | Permissions Required
18165 | SECUNIA | http://secunia.com/advisories/18165 | Permissions Required
1013967 | SECTRACK | http://securitytracker.com/id?1013967 | Patch, Third Party Advisory, VDB Entry, Vendor Advisory
101739 | SUNALERT | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 | Vendor Advisory
http://www.daemonology.net/hyperthreading-considered-harmful/ | MISC | http://www.daemonology.net/hyperthreading-considered-harmful/ | Third Party Advisory
http://www.daemonology.net/papers/htt.pdf | MISC | http://www.daemonology.net/papers/htt.pdf | Third Party Advisory
VU#911878 | CERT-VN | http://www.kb.cert.org/vuls/id/911878 | Third Party Advisory, US Government Resource
RHSA-2005:476 | REDHAT | http://www.redhat.com/support/errata/RHSA-2005-476.html | Not Applicable
RHSA-2005:800 | REDHAT | http://www.redhat.com/support/errata/RHSA-2005-800.html | Not Applicable
12724 | BID | http://www.securityfocus.com/bid/12724 | Patch, Third Party Advisory, VDB Entry, Vendor Advisory
ADV-2005-0540 | VUPEN | http://www.vupen.com/english/advisories/2005/0540 | Permissions Required
ADV-2005-3002 | VUPEN | http://www.vupen.com/english/advisories/2005/3002 | Permissions Required
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 | MISC | http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 | Broken Link
oval:org.mitre.oval:def:9747 | OVAL | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747 | Third Party Advisory