Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Freebsd | Freebsd | 1.1.5.1 (including) | 1.1.5.1 (including) |
| Freebsd | Freebsd | 2.0 (including) | 2.0 (including) |
| Freebsd | Freebsd | 2.0.5 (including) | 2.0.5 (including) |
| Freebsd | Freebsd | 2.1.0 (including) | 2.1.0 (including) |
| Freebsd | Freebsd | 2.1.5 (including) | 2.1.5 (including) |
| Freebsd | Freebsd | 2.1.6 (including) | 2.1.6 (including) |
| Freebsd | Freebsd | 2.1.6.1 (including) | 2.1.6.1 (including) |
| Freebsd | Freebsd | 2.1.7.1 (including) | 2.1.7.1 (including) |
| Freebsd | Freebsd | 2.2 (including) | 2.2 (including) |
| Freebsd | Freebsd | 2.2.2 (including) | 2.2.2 (including) |
| Freebsd | Freebsd | 2.2.3 (including) | 2.2.3 (including) |
| Freebsd | Freebsd | 2.2.4 (including) | 2.2.4 (including) |
| Freebsd | Freebsd | 2.2.5 (including) | 2.2.5 (including) |
| Freebsd | Freebsd | 2.2.6 (including) | 2.2.6 (including) |
| Freebsd | Freebsd | 2.2.8 (including) | 2.2.8 (including) |
| Freebsd | Freebsd | 3.0 (including) | 3.0 (including) |
| Freebsd | Freebsd | 3.0-releng (including) | 3.0-releng (including) |
| Freebsd | Freebsd | 3.1 (including) | 3.1 (including) |
| Freebsd | Freebsd | 3.2 (including) | 3.2 (including) |
| Freebsd | Freebsd | 3.3 (including) | 3.3 (including) |
| Freebsd | Freebsd | 3.4 (including) | 3.4 (including) |
| Freebsd | Freebsd | 3.5 (including) | 3.5 (including) |
| Freebsd | Freebsd | 3.5-stable (including) | 3.5-stable (including) |
| Freebsd | Freebsd | 3.5.1 (including) | 3.5.1 (including) |
| Freebsd | Freebsd | 3.5.1-release (including) | 3.5.1-release (including) |
| Freebsd | Freebsd | 3.5.1-stable (including) | 3.5.1-stable (including) |
| Freebsd | Freebsd | 4.0 (including) | 4.0 (including) |
| Freebsd | Freebsd | 4.0-alpha (including) | 4.0-alpha (including) |
| Freebsd | Freebsd | 4.0-releng (including) | 4.0-releng (including) |
| Freebsd | Freebsd | 4.1 (including) | 4.1 (including) |
| Freebsd | Freebsd | 4.1.1 (including) | 4.1.1 (including) |
| Freebsd | Freebsd | 4.1.1-release (including) | 4.1.1-release (including) |
| Freebsd | Freebsd | 4.1.1-stable (including) | 4.1.1-stable (including) |
| Freebsd | Freebsd | 4.2 (including) | 4.2 (including) |
| Freebsd | Freebsd | 4.2-stable (including) | 4.2-stable (including) |
| Freebsd | Freebsd | 4.3 (including) | 4.3 (including) |
| Freebsd | Freebsd | 4.3-release (including) | 4.3-release (including) |
| Freebsd | Freebsd | 4.3-release_p38 (including) | 4.3-release_p38 (including) |
| Freebsd | Freebsd | 4.3-releng (including) | 4.3-releng (including) |
| Freebsd | Freebsd | 4.3-stable (including) | 4.3-stable (including) |
| Freebsd | Freebsd | 4.4 (including) | 4.4 (including) |
| Freebsd | Freebsd | 4.4-release_p42 (including) | 4.4-release_p42 (including) |
| Freebsd | Freebsd | 4.4-releng (including) | 4.4-releng (including) |
| Freebsd | Freebsd | 4.4-stable (including) | 4.4-stable (including) |
| Freebsd | Freebsd | 4.5 (including) | 4.5 (including) |
| Freebsd | Freebsd | 4.5-release (including) | 4.5-release (including) |
| Freebsd | Freebsd | 4.5-release_p32 (including) | 4.5-release_p32 (including) |
| Freebsd | Freebsd | 4.5-releng (including) | 4.5-releng (including) |
| Freebsd | Freebsd | 4.5-stable (including) | 4.5-stable (including) |
| Freebsd | Freebsd | 4.6 (including) | 4.6 (including) |
| Freebsd | Freebsd | 4.6-release (including) | 4.6-release (including) |
| Freebsd | Freebsd | 4.6-release_p20 (including) | 4.6-release_p20 (including) |
| Freebsd | Freebsd | 4.6-releng (including) | 4.6-releng (including) |
| Freebsd | Freebsd | 4.6-stable (including) | 4.6-stable (including) |
| Freebsd | Freebsd | 4.6.2 (including) | 4.6.2 (including) |
| Freebsd | Freebsd | 4.7 (including) | 4.7 (including) |
| Freebsd | Freebsd | 4.7-release (including) | 4.7-release (including) |
| Freebsd | Freebsd | 4.7-release_p17 (including) | 4.7-release_p17 (including) |
| Freebsd | Freebsd | 4.7-releng (including) | 4.7-releng (including) |
| Freebsd | Freebsd | 4.7-stable (including) | 4.7-stable (including) |
| Freebsd | Freebsd | 4.8 (including) | 4.8 (including) |
| Freebsd | Freebsd | 4.8-pre-release (including) | 4.8-pre-release (including) |
| Freebsd | Freebsd | 4.8-release_p6 (including) | 4.8-release_p6 (including) |
| Freebsd | Freebsd | 4.8-releng (including) | 4.8-releng (including) |
| Freebsd | Freebsd | 4.9 (including) | 4.9 (including) |
| Freebsd | Freebsd | 4.9-pre-release (including) | 4.9-pre-release (including) |
| Freebsd | Freebsd | 4.9-releng (including) | 4.9-releng (including) |
| Freebsd | Freebsd | 4.10 (including) | 4.10 (including) |
| Freebsd | Freebsd | 4.10-release (including) | 4.10-release (including) |
| Freebsd | Freebsd | 4.10-release_p8 (including) | 4.10-release_p8 (including) |
| Freebsd | Freebsd | 4.10-releng (including) | 4.10-releng (including) |
| Freebsd | Freebsd | 4.11-release_p3 (including) | 4.11-release_p3 (including) |
| Freebsd | Freebsd | 4.11-releng (including) | 4.11-releng (including) |
| Freebsd | Freebsd | 4.11-stable (including) | 4.11-stable (including) |
| Freebsd | Freebsd | 5.0 (including) | 5.0 (including) |
| Freebsd | Freebsd | 5.0-alpha (including) | 5.0-alpha (including) |
| Freebsd | Freebsd | 5.0-release_p14 (including) | 5.0-release_p14 (including) |
| Freebsd | Freebsd | 5.0-releng (including) | 5.0-releng (including) |
| Freebsd | Freebsd | 5.1 (including) | 5.1 (including) |
| Freebsd | Freebsd | 5.1-alpha (including) | 5.1-alpha (including) |
| Freebsd | Freebsd | 5.1-release (including) | 5.1-release (including) |
| Freebsd | Freebsd | 5.1-release_p5 (including) | 5.1-release_p5 (including) |
| Freebsd | Freebsd | 5.1-releng (including) | 5.1-releng (including) |
| Freebsd | Freebsd | 5.2 (including) | 5.2 (including) |
| Freebsd | Freebsd | 5.2.1-release (including) | 5.2.1-release (including) |
| Freebsd | Freebsd | 5.2.1-releng (including) | 5.2.1-releng (including) |
| Freebsd | Freebsd | 5.3 (including) | 5.3 (including) |
| Freebsd | Freebsd | 5.3-release (including) | 5.3-release (including) |
| Freebsd | Freebsd | 5.3-releng (including) | 5.3-releng (including) |
| Freebsd | Freebsd | 5.3-stable (including) | 5.3-stable (including) |
| Freebsd | Freebsd | 5.4-pre-release (including) | 5.4-pre-release (including) |
| Freebsd | Freebsd | 5.4-release (including) | 5.4-release (including) |
| Enterprise_linux | Redhat | 2.1 (including) | 2.1 (including) |
| Enterprise_linux | Redhat | 3.0 (including) | 3.0 (including) |
| Enterprise_linux | Redhat | 4.0 (including) | 4.0 (including) |
| Enterprise_linux_desktop | Redhat | 3.0 (including) | 3.0 (including) |
| Enterprise_linux_desktop | Redhat | 4.0 (including) | 4.0 (including) |
| Fedora_core | Redhat | core_3.0 (including) | core_3.0 (including) |
| Openserver | Sco | 5.0.7 (including) | 5.0.7 (including) |
| Unixware | Sco | 7.1.3 (including) | 7.1.3 (including) |
| Unixware | Sco | 7.1.3_up (including) | 7.1.3_up (including) |
| Unixware | Sco | 7.1.4 (including) | 7.1.4 (including) |
| Solaris | Sun | 7.0 (including) | 7.0 (including) |
| Solaris | Sun | 8.0 (including) | 8.0 (including) |
| Solaris | Sun | 9.0 (including) | 9.0 (including) |
| Solaris | Sun | 9.0-x86_update_2 (including) | 9.0-x86_update_2 (including) |
| Solaris | Sun | 10.0 (including) | 10.0 (including) |
| Ubuntu_linux | Ubuntu | 4.1 (including) | 4.1 (including) |
| Ubuntu_linux | Ubuntu | 5.04 (including) | 5.04 (including) |
| Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.15 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16.22.3 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.17 | * |
| Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16.22.4 | * |
| Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.2 | * |
| Red Hat Enterprise Linux 4 | RedHat | openssl096b-0:0.9.6b-22.3 | * |
| Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.4 | * |
| Red Hat Enterprise Linux 4 | RedHat | openssl096b-0:0.9.6b-22.4 | * |
| Red Hat Stronghold 4 | RedHat | * | |
| Kfreebsd-5 | Ubuntu | dapper | * |
| Kfreebsd-5 | Ubuntu | devel | * |
| Kfreebsd-5 | Ubuntu | edgy | * |
| Kfreebsd-5 | Ubuntu | feisty | * |
References
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
- http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2
- http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2
- http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2
- http://secunia.com/advisories/15348
- http://secunia.com/advisories/18165
- http://securitytracker.com/id?1013967
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
- http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
- http://www.daemonology.net/hyperthreading-considered-harmful/
- http://www.daemonology.net/papers/htt.pdf
- http://www.kb.cert.org/vuls/id/911878
- http://www.redhat.com/support/errata/RHSA-2005-476.html
- http://www.redhat.com/support/errata/RHSA-2005-800.html
- http://www.securityfocus.com/bid/12724
- http://www.vupen.com/english/advisories/2005/0540
- http://www.vupen.com/english/advisories/2005/3002
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt
- http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2
- http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2
- http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2
- http://secunia.com/advisories/15348
- http://secunia.com/advisories/18165
- http://securitytracker.com/id?1013967
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1
- http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754
- http://www.daemonology.net/hyperthreading-considered-harmful/
- http://www.daemonology.net/papers/htt.pdf
- http://www.kb.cert.org/vuls/id/911878
- http://www.redhat.com/support/errata/RHSA-2005-476.html
- http://www.redhat.com/support/errata/RHSA-2005-800.html
- http://www.securityfocus.com/bid/12724
- http://www.vupen.com/english/advisories/2005/0540
- http://www.vupen.com/english/advisories/2005/3002
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747