Lucene search

K

GoogleOSV:CVE-2024-2193

HistoryMar 15, 2024 - 6:15 p.m.

CVE-2024-2193

2024-03-1518:15:08

Google

osv.dev

6

cve-2024-2193

spectre v1

speculative execution

unauthenticated attacker

arbitrary data

race conditions

cpu

executable code paths

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.6%

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

CPENameOperatorVersion
xeneq4.4.1-r7
xeneq4.5.0-r0
xeneq4.13.0-r3
xeneq4.4.2-r0
xeneq4.13.0-r2
xeneq4.5.1-r2
xeneq4.3.0-r2
xeneq4.2.1-r9
xeneq4.7.0-r5
xeneq4.17.1-r2

Rows per page:

1-10 of 2281

References

www.openwall.com/lists/oss-security/2024/03/12/14

download.vusec.net/papers/ghostrace_sec24.pdf

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23

ibm.github.io/system-security-research-updates/2024/03/12/ghostrace

kb.cert.org/vuls/id/488902

lists.fedoraproject.org/archives/list/[email protected]/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/

lists.fedoraproject.org/archives/list/[email protected]/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/

lists.fedoraproject.org/archives/list/[email protected]/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/

www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html

www.kb.cert.org/vuls/id/488902

www.vusec.net/projects/ghostrace/

xenbits.xen.org/xsa/advisory-453.html

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.6%

Related for OSV:CVE-2024-2193

debiancve1 xen1 veracode1 talosblog1 amd1 cert1 cve1 openvas8 redhatcve1 nessus11 fedora3 ubuntucve1 amazon1 thn2 mageia1