CVE-2005-0109
Published: 5 March 2005
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Priority
Status
Package | Release | Status |
---|---|---|
kfreebsd-5 Launchpad, Ubuntu, Debian |
dapper |
Released
(5.4-12)
|
edgy |
Released
(5.4-12)
|
|
feisty |
Released
(5.4-12)
|
|
upstream |
Needs triage
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.6 |
Attack vector | Local |
Attack complexity | High |
Privileges required | Low |
User interaction | None |
Scope | Changed |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |