In the Linux kernel, the following vulnerability has been resolved:
x86/entry_32: Clear CPU buffers after register restore in NMI return
CPU buffers are currently cleared after call to exc_nmi, but before
register state is restored. This may be okay for MDS mitigation but not for
RDFS. Because RDFS mitigation requires CPU buffers to be cleared when
registers don't have any sensitive data.
Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.
Metrics
Affected Vendors & Products
References
History
Fri, 20 Dec 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-665 | |
Metrics |
threat_severity
|
threat_severity
|
Fri, 29 Nov 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 22 Nov 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Fri, 08 Nov 2024 06:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: x86/entry_32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to exc_nmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS mitigation requires CPU buffers to be cleared when registers don't have any sensitive data. Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI. | |
Title | x86/entry_32: Clear CPU buffers after register restore in NMI return | |
References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-11-08T05:54:08.464Z
Updated: 2024-12-19T09:35:11.006Z
Reserved: 2024-10-21T19:36:19.967Z
Link: CVE-2024-50193
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-11-08T06:15:16.153
Modified: 2024-11-29T19:29:23.710
Link: CVE-2024-50193
Redhat