{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-50193", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-10-21T19:36:19.967Z", "datePublished": "2024-11-08T05:54:08.464Z", "dateUpdated": "2025-05-04T12:59:48.384Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:59:48.384Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/entry/entry_32.S"], "versions": [{"version": "50f021f0b985629accf10481a6e89af8b9700583", "lessThan": "6f44a5fc15b5cece0785bc07453db77d99b0a6de", "status": "affected", "versionType": "git"}, {"version": "d54de9f2a127090f2017184e8257795b487d5312", "lessThan": "b6400eb0b347821efc57760221f8fb6d63b9548a", "status": "affected", "versionType": "git"}, {"version": "2e3087505ddb8ba2d3d4c81306cca11e868fcdb9", "lessThan": "43778de19d2ef129636815274644b9c16e78c66b", "status": "affected", "versionType": "git"}, {"version": "ca13d8cd8dac25558da4ee8df4dc70e8e7f9d762", "lessThan": "227358e89703c344008119be7e8ffa3fdb5b92de", "status": "affected", "versionType": "git"}, {"version": "a0e2dab44d22b913b4c228c8b52b2a104434b0b3", "lessThan": "64adf22c4bc73ede920baca5defefb70f190cdbc", "status": "affected", "versionType": "git"}, {"version": "a0e2dab44d22b913b4c228c8b52b2a104434b0b3", "lessThan": "48a2440d0f20c826b884e04377ccc1e4696c84e9", "status": "affected", "versionType": "git"}, {"version": "51eca9f1fd047b500137d021f882d93f03280118", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/entry/entry_32.S"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.228", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.169", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.114", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.58", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.5", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.215", "versionEndExcluding": "5.10.228"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.154", "versionEndExcluding": "5.15.169"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.81", "versionEndExcluding": "6.1.114"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.21", "versionEndExcluding": "6.6.58"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.11.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de"}, {"url": "https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a"}, {"url": "https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b"}, {"url": "https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de"}, {"url": "https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc"}, {"url": "https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9"}], "title": "x86/entry_32: Clear CPU buffers after register restore in NMI return", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "00E49974-BB63-44B8-8A3C-048EBB86B743", "versionEndExcluding": "5.10.228", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BEDAD6-86F8-457C-952F-C35698B3D07F", "versionEndExcluding": "5.15.169", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "10FD2B3E-C7D9-4A9C-BD64-41877EDF88EB", "versionEndExcluding": "6.1.114", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B9489BC-825E-4EEE-8D93-F93C801988C8", "versionEndExcluding": "6.6.58", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEA3578E-BB87-4486-90C9-D07BD36965C5", "versionEndExcluding": "6.11.5", "versionStartIncluding": "6.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/entry_32: Borrar los b\u00faferes de la CPU despu\u00e9s de restaurar el registro en el retorno NMI Los b\u00faferes de la CPU se borran actualmente despu\u00e9s de la llamada a exc_nmi, pero antes de que se restaure el estado del registro. Esto puede ser adecuado para la mitigaci\u00f3n de MDS, pero no para RDFS. Porque la mitigaci\u00f3n de RDFS requiere que se borren los b\u00faferes de la CPU cuando los registros no tienen datos confidenciales. Mueva CLEAR_CPU_BUFFERS despu\u00e9s de RESTORE_ALL_NMI."}], "id": "CVE-2024-50193", "lastModified": "2024-11-29T19:29:23.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-08T06:15:16.153", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: x86/entry_32: Clear CPU buffers after register restore in NMI return", "id": "2324559", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324559"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-665", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nx86/entry_32: Clear CPU buffers after register restore in NMI return\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI."], "name": "CVE-2024-50193", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-11-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-50193\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-50193\nhttps://git.kernel.org/pub/scm/linux/security/vulns.git/tree/cve/published/2024/CVE-2024-50193.mbox"], "threat_severity": "Important"}