CVE-2024-2193 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2024-2193

CVE-2024-2193

March 15, 2024

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

Related Resources (14)

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html

http://xenbits.xen.org/xsa/advisory-453.html

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/

https://xenbits.xen.org/xsa/advisory-453.html

https://www.vusec.net/projects/ghostrace/

https://download.vusec.net/papers/ghostrace_sec24.pdf

http://www.openwall.com/lists/oss-security/2024/03/12/14

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/

https://seclists.org/oss-sec/2024/q1/220

https://www.kb.cert.org/vuls/id/488902