Veracode Vulnerability DatabaseVERACODE:45955Speculative Race Condition
Modern CPU architectures supporting speculative execution are vulnerable to a Speculative Race Condition (SRC) vulnerability, akin to Spectre V1. The vulnerability arises from race conditions that allow an unauthenticated attacker to exploit speculative executable code paths, potentially disclosing arbitrary data from the CPU.
References
www.openwall.com/lists/oss-security/2024/03/12/14
download.vusec.net/papers/ghostrace_sec24.pdf
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23
ibm.github.io/system-security-research-updates/2024/03/12/ghostrace
kb.cert.org/vuls/id/488902
lists.fedoraproject.org/archives/list/[email protected]/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/
lists.fedoraproject.org/archives/list/[email protected]/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/
lists.fedoraproject.org/archives/list/[email protected]/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.16/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
secdb.alpinelinux.org/v3.19/main.yaml
www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html
www.kb.cert.org/vuls/id/488902
www.vusec.net/projects/ghostrace/
xenbits.xen.org/xsa/advisory-453.html
Related
