Vulnerabilities > CVE-2024-2193

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 2024-03-15

Updated: 2024-10-29

Summary

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

References

https://kb.cert.org/vuls/id/488902
https://xenbits.xen.org/xsa/advisory-453.html
https://www.vusec.net/projects/ghostrace/
https://download.vusec.net/papers/ghostrace_sec24.pdf
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23
https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html
https://www.kb.cert.org/vuls/id/488902
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/
https://lists.fedoraproject.org/archives/list/[email protected]/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/
https://lists.fedoraproject.org/archives/list/[email protected]/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/
http://www.openwall.com/lists/oss-security/2024/03/12/14

Vulnerabilities > CVE-2024-2193 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-2193"}]}

Summary

References

Vulnerabilities > CVE-2024-2193