CVE-2024-2201

Summary

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

Affected Software

VendorProductVersion RangeStatus
XenXenSee advisory "x86: Native Branch History Injection"affected

Weaknesses

  • CWE-1423

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References