Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 26, 2005
Not Affected
F5 Products are not vulnerable to VU911878, the hyperthreading information leakage issue.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
FreeBSD has released a security advisory FreeBSD-SA-05:09.htt available from: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:09.htt.asc FreeBSD has also released patches to disable HTT support.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: June 02, 2005
Not Affected
The hyper-threading (HTT) support in FreeBSD kernels is only available when the kernel is configured to support symmetric multi-processing (SMP). JUNOS is not currently configured and built to utilize SMP for any of our platforms. Of our platforms, the J-Series is the only one for which the hardware could physically support HTT. There is no plan to enable HTT on the J-Series platform for any current releases. Juniper E-series and ScreenOS are not based on FreeBSD, and therefore not affected.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: August 05, 2005
Affected
Vendor Statement: Red Hat, Inc Updated packages for Red Hat Enterprise 2.1, 3, and 4 are available to mitigate this and related attacks against OpenSSL: http://rhn.redhat.com/errata/CAN-2005-0109.html
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
SCO has released two security advisories about "Hyper-Threading information leakage", they are available from: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.24/SCOSA-2005.24.txt The security advisories state: "This issue affects OpenServer 5.0.7 if SMP is installed and any Update Pack is applied. It also affects UnixWare 7.1.4 and 7.1.3 if Hyper-Threading is enabled. (Hyper-Threading is disabled in UnixWare by default.)
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: June 03, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Sun have released a Sun(sm) Alert Notification available at: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1 Sun state that Solaris on the SPARC platform is not affected by this issue. The alert contains information on four mitigation options, see the alert for details.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: May 23, 2005 Updated: May 24, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.