Home > Vulnerability Database > CVE-2024-2193

Mend.io Vulnerability Database

CVE-2024-2193

Good to know:

Date: March 15, 2024

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

Language: C

Severity Score

5.5

Related Resources (15)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-2193

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/

Url: https://xenbits.xen.org/xsa/advisory-453.html

Url: http://www.openwall.com/lists/oss-security/2024/03/12/14

Url: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/

Url: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/

Url: https://www.kb.cert.org/vuls/id/488902

Url: https://seclists.org/oss-sec/2024/q1/220

Url: https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace

Url: https://kb.cert.org/vuls/id/488902

Url: https://www.vusec.net/projects/ghostrace/

Url: https://download.vusec.net/papers/ghostrace_sec24.pdf

Url: https://www.mend.io/vulnerability-database/CVE-2024-2193

Severity Score

5.5

Top Fix

Upgrade Version

Upgrade to version 03cf7ca23e0e876075954c558485b267b7d02406

Learn More

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-2193

Good to know:

Date: March 15, 2024

Language: C

Severity Score

Related Resources (15)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?