Summary: | Kernel: AMD FPU Information leak on i386/x86-64 (CVE-2006-1056) | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> | ||||||||
Component: | Kernel | Assignee: | Gentoo Security <security> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | normal | CC: | chrb, johnm, kang, marineam | ||||||||
Priority: | High | ||||||||||
Version: | unspecified | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
URL: | http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commit;h=7466f9e72dac13452d871a3fb72fc7bd9c93c864 | ||||||||||
Whiteboard: | [linux <2.6.16.9] | ||||||||||
Package list: | Runtime testing required: | --- | |||||||||
Attachments: |
|
Description
Sune Kloppenborg Jeppesen (RETIRED)
2006-04-15 00:51:10 UTC
Created attachment 84692 [details, diff]
amd-fxsave
Patch by Andi Kleen from SUSE.
Created attachment 84693 [details, diff]
amd-fxsave-24
Patch for 2.4 by Andi Kleen from SUSE.
*** Bug 129050 has been marked as a duplicate of this bug. *** OK, so I guess this one's going to be waiting for a while :) -- 2.4 isn't a problem for us since amd64 is 2.6 only Gentoo-wise. Sorry typo in the release date. AFAIK release date is planned for Wednesday. Created attachment 84938 [details, diff]
amd-fxsave.new
Updated patch for 2.6.16.8.
Cleaned up from email and untested.
2.6.16.9 is released to fix this issue. Fixed in genpatches 2.6.16-5. Adding maintainers to CC: ck-sources: marineam hardened-sources-2.6: johnm, hardened rsbac-sources-2.6: kang suspend2-sources: brix usermode-sources: dsd xbox-sources: chrb fixed in ck-sources-2.6.16_p6-r1 Fixed in sys-kernel/suspend2-sources-2.6.16-r4. usermode-sources fixed thanks to dang sys-kernel/gentoo-sources-2.6.16-r7 is now stable on amd64 All done (apart from rsbac-sources (masked)); resolving. CVE-2006-1056: The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processers in a security-relevant fashion that was not addressed by the kernels. |