Bug 66535 - CVE-2002-1571 kernel leaks register information to other processes
CVE-2002-1571 kernel leaks register information to other processes
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: kernel (Show other bugs)
2.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Larry Woodman
Brian Brock
impact=moderate,source=lkml,reported=...
: Security
Depends On: 66521
Blocks:
  Show dependency treegraph
 
Reported: 2002-06-11 16:49 EDT by Arjan van de Ven
Modified: 2007-11-30 17:06 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-07-18 10:00:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Arjan van de Ven 2002-06-11 16:49:52 EDT
The AS kernel leaks the contents of the XMM registers (Screaming Sindy) to other
processes as it fails to zero them on process start and during ptrace. Since
those registers are mostly used by crypto programs this security leak can be
rather senstive. Patch available for 2.4.18; will apply to 2.4.9 with minimal
changes
Comment 1 Larry Woodman 2002-08-05 12:17:47 EDT
Fixed in AS2.1 errata kernel-2.4.9-e.8, released on 7/29.

Larry Woodman

Note You need to log in before you can comment on or make changes to this bug.