CVE-2024-2193
Speculative Race Condition impacts modern CPU architectures that support speculative execution, also known as GhostRace.
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://download.vusec.net/papers/ghostrace_sec24.pdfhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23https://ibm.github.io/system-security-research-updates/2024/03/12/ghostracehttps://kb.cert.org/vuls/id/488902https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.htmlhttps://www.kb.cert.org/vuls/id/488902https://www.vusec.net/projects/ghostrace/https://xenbits.xen.org/xsa/advisory-453.htmlhttp://www.openwall.com/lists/oss-security/2024/03/12/14