CVE-2006-1056 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-1056 Interim 1 11 2023-12-09T02:19:29Z current 2021-05-30T12:35:02Z 2023-12-09T02:19:29Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-1056 The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NHYECM4VBKXEW3VB3CVU4VPMJPBVV6X6/#NHYECM4VBKXEW3VB3CVU4VPMJPBVV6X6 E-Mail link for SUSE-SA:2006:028 https://lists.suse.com/pipermail/sle-security-updates/2014-March/000765.html E-Mail link for SUSE-SU-2014:0446-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1-LTSS xen-4.0.3_21548_16-0.5.1 xen-doc-html-4.0.3_21548_16-0.5.1 xen-doc-pdf-4.0.3_21548_16-0.5.1 xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 xen-kmp-pae-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 xen-libs-4.0.3_21548_16-0.5.1 xen-tools-4.0.3_21548_16-0.5.1 xen-tools-domU-4.0.3_21548_16-0.5.1 xen-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-doc-html-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-doc-pdf-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-kmp-pae-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-libs-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-tools-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS xen-tools-domU-4.0.3_21548_16-0.5.1 as a component of SUSE Linux Enterprise Server 11 SP1-LTSS The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. CVE-2006-1056 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-4.0.3_21548_16-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-html-4.0.3_21548_16-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-doc-pdf-4.0.3_21548_16-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-default-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-pae-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-kmp-trace-4.0.3_21548_16_2.6.32.59_0.9-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-libs-4.0.3_21548_16-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-4.0.3_21548_16-0.5.1 SUSE Linux Enterprise Server 11 SP1-LTSS:xen-tools-domU-4.0.3_21548_16-0.5.1 low 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N