CVE-2024-2201

Опубликовано: 19 дек. 2024

Источник: debian

EPSS Низкий

Описание

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	6.8.9-1		package
xen	fixed	4.19.0+14-g0918434e0f-1~exp1	experimental	package
xen	fixed	4.19.1-1		package
xen	end-of-life		bullseye	package
xen	end-of-life		buster	package

Примечания

https://vusec.net/projects/native-bhi
https://download.vusec.net/papers/inspectre_sec24.pdf
https://xenbits.xen.org/xsa/advisory-456.html

EPSS

Процентиль: 5%

0.00023

Низкий

Связанные уязвимости

CVE-2024-2201

CVSS3: 4.7

ubuntu

6 месяцев назад

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

CVE-2024-2201

CVSS3: 4.7

redhat

около 1 года назад

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

CVE-2024-2201

CVSS3: 4.7

nvd

6 месяцев назад

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

CVE-2024-2201

CVSS3: 4.7

msrc

около 1 года назад

Intel: CVE-2024-2201 Branch History Injection

GHSA-j32h-9rm6-p2c5

CVSS3: 4.7

github

6 месяцев назад

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

EPSS

Процентиль: 5%

0.00023

Низкий