admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-29 01:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/2xxx/CVE-2024-2193.json

150 lines
6.3 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2024-03-05 16:00:37 +00:00
{
"-Synchronized-Data."
2024-04-01 20:46:52 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2024-03-05 16:00:37 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-2193",
"-Synchronized-Data."
2024-04-01 20:46:52 +00:00
"ASSIGNER": "cert@cert.org",
"STATE": "PUBLIC"
"-Synchronized-Data."
2024-03-05 16:00:37 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2024-04-01 20:46:52 +00:00
"value": "A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AMD",
"product": {
"product_data": [
{
"product_name": "CPU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See advisory AMD-SB-7016"
}
]
}
}
]
}
},
{
"vendor_name": "Xen",
"product": {
"product_data": [
{
"product_name": "Xen",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "consult Xen advisory XSA-453"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://kb.cert.org/vuls/id/488902",
"refsource": "MISC",
"name": "https://kb.cert.org/vuls/id/488902"
},
{
"url": "https://xenbits.xen.org/xsa/advisory-453.html",
"refsource": "MISC",
"name": "https://xenbits.xen.org/xsa/advisory-453.html"
},
{
"url": "https://www.vusec.net/projects/ghostrace/",
"refsource": "MISC",
"name": "https://www.vusec.net/projects/ghostrace/"
},
{
"url": "https://download.vusec.net/papers/ghostrace_sec24.pdf",
"refsource": "MISC",
"name": "https://download.vusec.net/papers/ghostrace_sec24.pdf"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23"
},
{
"url": "https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace",
"refsource": "MISC",
"name": "https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace"
},
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html",
"refsource": "MISC",
"name": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html"
"-Synchronized-Data."
2024-04-02 15:07:32 +00:00
},
{
"url": "https://www.kb.cert.org/vuls/id/488902",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/488902"
"-Synchronized-Data."
2024-04-02 15:15:55 +00:00
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/"
"-Synchronized-Data."
2024-04-02 15:26:28 +00:00
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/"
"-Synchronized-Data."
2024-04-02 15:26:56 +00:00
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/"
"-Synchronized-Data."
2024-05-01 18:01:19 +00:00
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/12/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2024/03/12/14"
"-Synchronized-Data."
2024-03-05 16:00:37 +00:00
}
]
"-Synchronized-Data."
2024-04-01 20:46:52 +00:00
},
"generator": {
"engine": "VINCE 2.1.11",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-2193"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Thanks to Hany Ragab and Cristiano Giuffrida from the VUSec group at VU Amsterdam and Andrea Mambretti and Anil Kurmus from IBM Research Europe, Zurich for discovering and reporting this vulnerability."
}
]
"-Synchronized-Data."
2024-03-05 16:00:37 +00:00
}
Reference in New Issue Copy Permalink