CVE-2024-50193
x86/entry_32: Clear CPU buffers after register restore in NMI return
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.1EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
08 nov 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
x86/entry_32: Clear CPU buffers after register restore in NMI return
CPU buffers are currently cleared after call to exc_nmi, but before
register state is restored. This may be okay for MDS mitigation but not for
RDFS. Because RDFS mitigation requires CPU buffers to be cleared when
registers don't have any sensitive data.
Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Productos afectados
Linux · LinuxReferencias
https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92dehttps://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66bhttps://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbchttps://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6dehttps://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548ahttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2025/03/msg00002.html