Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2024-0115
HistoryApr 10, 2024 - 7:03 a.m.

Updated xen packages fix security vulnerabilities

2024-04-1007:03:52
Gentoo Foundation
advisories.mageia.org
8
xen
security vulnerabilities
x86
shadow stack
exceptions
emulation stubs
register file data sampling
ghostrace
speculative race conditions
cve-2023-46841
cve-2023-28746
cve-2024-2193
unix

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

7.3 High

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

14.6%

JSON

x86: shadow stack vs exceptions from emulation stubs. (CVE-2023-46841) x86: Register File Data Sampling. (CVE-2023-28746) GhostRace: Speculative Race Conditions. (CVE-2024-2193)

OSVersionArchitecturePackageVersionFilename
Mageia9noarchxen< 4.17.3-1.1xen-4.17.3-1.1.mga9

Related

nessus 49
openvas 32
fedora 5
ubuntucve 3
debiancve 3
cve 3
osv 5
xen 3
veracode 2
talosblog 1
amd 1
cert 1
mscve 1
alpinelinux 1
redhatcve 2
intel 1
amazon 1
thn 2
citrix 1
hp 1
debian 3
freebsd 1
mageia 1
chrome 1
mskb 15
kaspersky 2
rapid7blog 1
nessus
nessus
Fedora 40 : xen (2024-3a36322c4b)
2024-04-29 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2024:1102-1)
2024-04-09 00:00:00
Fedora 38 : xen (2024-29f57f1b4e)
2024-03-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for xen (SUSE-SU-2024:1102-1)
2024-04-09 00:00:00
Mageia: Security Advisory (MGASA-2024-0115)
2024-04-11 00:00:00
Fedora: Security Advisory for xen (FEDORA-2024-3a36322c4b)
2024-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: xen-4.18.1-1.fc40
2024-03-23 00:54:07
[SECURITY] Fedora 38 Update: xen-4.17.2-8.fc38
2024-03-30 01:44:40
[SECURITY] Fedora 39 Update: xen-4.17.2-8.fc39
2024-03-30 01:09:49
ubuntucve
ubuntucve
CVE-2023-46841
2024-03-20 00:00:00
CVE-2023-28746
2024-03-12 00:00:00
CVE-2024-2193
2024-03-15 00:00:00
debiancve
debiancve
CVE-2023-46841
2024-03-20 11:15:08
CVE-2024-2193
2024-03-15 18:15:08
CVE-2023-28746
2024-03-14 17:15:50
cve
cve
CVE-2023-46841
2024-03-20 11:15:08
CVE-2024-2193
2024-03-15 18:15:08
CVE-2023-28746
2024-03-14 17:15:50
osv
osv
CVE-2023-46841
2024-03-20 11:15:08
CVE-2024-2193
2024-03-15 18:15:08
CVE-2023-28746
2024-03-14 17:15:50
xen
xen
x86: shadow stack vs exceptions from emulation stubs
2024-02-27 10:38:00
GhostRace: Speculative Race Conditions
2024-03-12 16:44:00
x86: Register File Data Sampling
2024-03-12 16:44:00
veracode
veracode
Speculative Race Condition
2024-03-20 23:42:26
Information Exposure
2024-03-16 08:18:03
talosblog
talosblog
Not everything has to be a massive, global cyber attack
2024-03-14 18:00:08
amd
amd
Speculative Race Conditions (SRCs)
2024-03-12 00:00:00
cert
cert
CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions
2024-03-14 00:00:00
mscve
mscve
Intel: CVE-2023-28746 Register File Data Sampling (RFDS)
2024-03-12 07:00:00
alpinelinux
alpinelinux
CVE-2023-28746
2024-03-14 17:15:50
redhatcve
redhatcve
CVE-2023-28746
2024-03-21 14:31:21
CVE-2024-2193
2024-03-13 08:07:30
intel
intel
2024.1 IPU - Intel® Atom® Processor Advisory
2024-03-12 00:00:00
amazon
amazon
Medium: kernel
2024-04-24 22:15:00
thn
thn
GhostRace – New Data Leak Vulnerability Affects Modern CPUs
2024-03-15 17:46:00
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
2024-04-10 09:26:00
citrix
citrix
Citrix Hypervisor Security Update for CVE-2023-39368 and CVE-2023-38575
2024-03-12 17:06:58
hp
hp
Intel 2024.1 IPU - BIOS March 2024 Security Updates
2024-03-13 00:00:00
debian
debian
[SECURITY] [DLA 3808-1] intel-microcode security update
2024-05-04 15:21:43
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
freebsd
freebsd
Intel CPUs -- multiple vulnerabilities
2023-03-12 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerabilities
2024-03-31 06:27:58
chrome
chrome
Stable Channel Update for ChromeOS / ChromeOS Flex
2024-03-05 00:00:00
mskb
mskb
March 12, 2024—KB5035919 (Security-only update)
2024-03-12 07:00:00
March 12, 2024—KB5035933 (Security-only update)
2024-03-12 07:00:00
March 12, 2024—KB5035920 (Monthly Rollup)
2024-03-12 07:00:00
kaspersky
kaspersky
KLA65123 Multiple vulnerabilities in Microsoft Products (ESU)
2024-03-12 00:00:00
KLA65126 Multiple vulnerabilities in Microsoft Windows
2024-03-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

7.3 High

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

14.6%

JSON
Related for MGASA-2024-0115
nessus49openvas32fedora5ubuntucve3debiancve3cve3osv5xen3veracode2talosblog1amd1cert1mscve1alpinelinux1redhatcve2intel1amazon1thn2citrix1hp1debian3freebsd1mageia1chrome1mskb15kaspersky2rapid7blog1