CVE-2004-0565

2004-12-0605:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

linux

information leak

security

nvd

5.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

9.3%

JSON

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

CPENameOperatorVersion
mandrakesoft:mandrake_multi_network_firewallmandrakesoft mandrake multi network firewalleq8.2
trustix:secure_linuxtrustix secure linuxeq2.0
mandrakesoft:mandrake_linux_corporate_servermandrakesoft mandrake linux corporate servereq2.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.2
trustix:secure_linuxtrustix secure linuxeq2
linux:linux_kernellinux linux kerneleq2.4.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.0
trustix:secure_linuxtrustix secure linuxeq2.1
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.1
gentoo:linuxgentoo linuxeq*

CPE	Name	Operator	Version
mandrakesoft:mandrake_multi_network_firewall	mandrakesoft mandrake multi network firewall	eq	8.2
trustix:secure_linux	trustix secure linux	eq	2.0
mandrakesoft:mandrake_linux_corporate_server	mandrakesoft mandrake linux corporate server	eq	2.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.2
trustix:secure_linux	trustix secure linux	eq	2
linux:linux_kernel	linux linux kernel	eq	2.4.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.0
trustix:secure_linux	trustix secure linux	eq	2.1
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.1
gentoo:linux	gentoo linux	eq	*