Description
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVSS breakdown
CVSS 3.0
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None
Affected products
- FreeBSD / FreeBSD 1.1.5.1 – 1.1.5.1
- FreeBSD / FreeBSD 2.0 – 2.0
- FreeBSD / FreeBSD 2.0.5 – 2.0.5
- FreeBSD / FreeBSD 2.1.0 – 2.1.0
- FreeBSD / FreeBSD 2.1.5 – 2.1.5
- FreeBSD / FreeBSD 2.1.6 – 2.1.6
- FreeBSD / FreeBSD 2.1.6.1 – 2.1.6.1
- FreeBSD / FreeBSD 2.1.7.1 – 2.1.7.1
- FreeBSD / FreeBSD 2.2 – 2.2
- FreeBSD / FreeBSD 2.2.2 – 2.2.2
- FreeBSD / FreeBSD 2.2.3 – 2.2.3
- FreeBSD / FreeBSD 2.2.4 – 2.2.4
- FreeBSD / FreeBSD 2.2.5 – 2.2.5
- FreeBSD / FreeBSD 2.2.6 – 2.2.6
- FreeBSD / FreeBSD 2.2.8 – 2.2.8
- FreeBSD / FreeBSD 3.0 – 3.0
- FreeBSD / FreeBSD 3.1 – 3.1
- FreeBSD / FreeBSD 3.2 – 3.2
- FreeBSD / FreeBSD 3.3 – 3.3
- FreeBSD / FreeBSD 3.4 – 3.4
- FreeBSD / FreeBSD 3.5 – 3.5
- FreeBSD / FreeBSD 3.5.1 – 3.5.1
- FreeBSD / FreeBSD 4.0 – 4.0
- FreeBSD / FreeBSD 4.1 – 4.1
- FreeBSD / FreeBSD 4.1.1 – 4.1.1
- FreeBSD / FreeBSD 4.2 – 4.2
- FreeBSD / FreeBSD 4.3 – 4.3
- FreeBSD / FreeBSD 4.4 – 4.4
- FreeBSD / FreeBSD 4.5 – 4.5
- FreeBSD / FreeBSD 4.6 – 4.6
- FreeBSD / FreeBSD 4.6.2 – 4.6.2
- FreeBSD / FreeBSD 4.7 – 4.7
- FreeBSD / FreeBSD 4.8 – 4.8
- FreeBSD / FreeBSD 4.9 – 4.9
- FreeBSD / FreeBSD 4.10 – 4.10
- FreeBSD / FreeBSD 4.11 – 4.11
- FreeBSD / FreeBSD 5.0 – 5.0
- FreeBSD / FreeBSD 5.1 – 5.1
- FreeBSD / FreeBSD 5.2 – 5.2
- FreeBSD / FreeBSD 5.2.1 – 5.2.1
- FreeBSD / FreeBSD 5.3 – 5.3
- FreeBSD / FreeBSD 5.4 – 5.4
- RedHat / enterprise_linux 2.1 – 2.1
- RedHat / enterprise_linux 3.0 – 3.0
- RedHat / enterprise_linux 4.0 – 4.0
- RedHat / enterprise_linux_desktop 3.0 – 3.0
- RedHat / enterprise_linux_desktop 4.0 – 4.0
- RedHat / fedora_core core_3.0 – core_3.0
- sco / openserver 5.0.7 – 5.0.7
- sco / unixware 7.1.3 – 7.1.3
- sco / unixware 7.1.3_up – 7.1.3_up
- sco / unixware 7.1.4 – 7.1.4
- sun / solaris 7.0 – 7.0
- sun / solaris 8.0 – 8.0
- sun / solaris 9.0 – 9.0
- sun / solaris 10.0 – 10.0
- Ubuntu / ubuntu_linux 4.1 – 4.1
- Ubuntu / ubuntu_linux 5.04 – 5.04
References
- MISC: http://www.kb.cert.org/vuls/id/911878
- VENDOR_ADVISORY: http://secunia.com/advisories/18165
- MISC: http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
- MAILING_LIST: http://marc.info/?l=freebsd-hackers&m=110994026421858&w=2
- MISC: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
- MISC: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2005/3002
- VENDOR_ADVISORY: http://secunia.com/advisories/15348
- MISC: http://www.securityfocus.com/bid/12724
- MAILING_LIST: http://marc.info/?l=freebsd-security&m=110994370429609&w=2
- MISC: http://www.redhat.com/support/errata/RHSA-2005-476.html
- MISC: http://securitytracker.com/id?1013967
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2005/0540
- MISC: http://www.daemonology.net/papers/htt.pdf
- MISC: http://www.redhat.com/support/errata/RHSA-2005-800.html
- MISC: http://www.daemonology.net/hyperthreading-considered-harmful/
- MISC: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
- MAILING_LIST: http://marc.info/?l=openbsd-misc&m=110995101417256&w=2