Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-25743
HistoryMay 15, 2024 - 6:15 p.m.

CVE-2024-25743

2024-05-1518:15:10
Debian Security Bug Tracker
security-tracker.debian.org
12
linux
kernel
virtual interrupt
hypervisor
sigfpe
amd sev-snp
amd sev-es
vulnerability

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.2

Confidence

Low

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

6.2

Confidence

Low