CVE-2024-53241
x86/xen: don't do PV iret hypercall through hypercall page
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
x86/xen: don't do PV iret hypercall through hypercall page
Instead of jumping to the Xen hypercall page for doing the iret
hypercall, directly code the required sequence in xen-asm.S.
This is done in preparation of no longer using hypercall page at all,
as it has shown to cause problems with speculation mitigations.
This is part of XSA-466 / CVE-2024-53241.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/xen: no realizar la hiperllamada de PV iret a través de la página de hiperllamada En lugar de saltar a la página de hiperllamada de Xen para realizar la hiperllamada iret, codificar directamente la secuencia requerida en xen-asm.S. Esto se hace como preparación para no utilizar más la página de hiperllamada, ya que se ha demostrado que causa problemas con las mitigaciones de especulación. Esto es parte de XSA-466 / CVE-2024-53241.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2024-11-19 CVE Reserved
- 2024-12-24 CVE Published
- 2024-12-24 CVE Updated
- ---------- EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2024/12/17/2 | ||
http://www.openwall.com/lists/oss-security/2024/12/23/1 | ||
http://xenbits.xen.org/xsa/advisory-466.html |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.10.232 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.232" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.15.175 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.175" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.1.121 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.121" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.6.67 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.67" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.12.6 Search vendor "Linux" for product "Linux Kernel" and version " < 6.12.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.13-rc4 Search vendor "Linux" for product "Linux Kernel" and version " < 6.13-rc4" | en |
Affected
|