CVE-2024-50193
Vulnerability from cvelistv5
Published
2024-11-08 05:54
Modified
2024-12-19 09:35
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: x86/entry_32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to exc_nmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS mitigation requires CPU buffers to be cleared when registers don't have any sensitive data. Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.
Impacted products
Vendor Product Version
Linux Linux Version: 6.8
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/entry/entry_32.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6f44a5fc15b5cece0785bc07453db77d99b0a6de",
              "status": "affected",
              "version": "50f021f0b985629accf10481a6e89af8b9700583",
              "versionType": "git"
            },
            {
              "lessThan": "b6400eb0b347821efc57760221f8fb6d63b9548a",
              "status": "affected",
              "version": "d54de9f2a127090f2017184e8257795b487d5312",
              "versionType": "git"
            },
            {
              "lessThan": "43778de19d2ef129636815274644b9c16e78c66b",
              "status": "affected",
              "version": "2e3087505ddb8ba2d3d4c81306cca11e868fcdb9",
              "versionType": "git"
            },
            {
              "lessThan": "227358e89703c344008119be7e8ffa3fdb5b92de",
              "status": "affected",
              "version": "ca13d8cd8dac25558da4ee8df4dc70e8e7f9d762",
              "versionType": "git"
            },
            {
              "lessThan": "64adf22c4bc73ede920baca5defefb70f190cdbc",
              "status": "affected",
              "version": "a0e2dab44d22b913b4c228c8b52b2a104434b0b3",
              "versionType": "git"
            },
            {
              "lessThan": "48a2440d0f20c826b884e04377ccc1e4696c84e9",
              "status": "affected",
              "version": "a0e2dab44d22b913b4c228c8b52b2a104434b0b3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/entry/entry_32.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.8"
            },
            {
              "lessThan": "6.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.228",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.114",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.58",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.12",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don\u0027t have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:35:11.006Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de"
        },
        {
          "url": "https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a"
        },
        {
          "url": "https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b"
        },
        {
          "url": "https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de"
        },
        {
          "url": "https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9"
        }
      ],
      "title": "x86/entry_32: Clear CPU buffers after register restore in NMI return",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-50193",
    "datePublished": "2024-11-08T05:54:08.464Z",
    "dateReserved": "2024-10-21T19:36:19.967Z",
    "dateUpdated": "2024-12-19T09:35:11.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-50193\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-08T06:15:16.153\",\"lastModified\":\"2024-11-29T19:29:23.710\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nx86/entry_32: Clear CPU buffers after register restore in NMI return\\n\\nCPU buffers are currently cleared after call to exc_nmi, but before\\nregister state is restored. This may be okay for MDS mitigation but not for\\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\\nregisters don\u0027t have any sensitive data.\\n\\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/entry_32: Borrar los b\u00faferes de la CPU despu\u00e9s de restaurar el registro en el retorno NMI Los b\u00faferes de la CPU se borran actualmente despu\u00e9s de la llamada a exc_nmi, pero antes de que se restaure el estado del registro. Esto puede ser adecuado para la mitigaci\u00f3n de MDS, pero no para RDFS. Porque la mitigaci\u00f3n de RDFS requiere que se borren los b\u00faferes de la CPU cuando los registros no tienen datos confidenciales. Mueva CLEAR_CPU_BUFFERS despu\u00e9s de RESTORE_ALL_NMI.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.228\",\"matchCriteriaId\":\"00E49974-BB63-44B8-8A3C-048EBB86B743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.169\",\"matchCriteriaId\":\"18BEDAD6-86F8-457C-952F-C35698B3D07F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.114\",\"matchCriteriaId\":\"10FD2B3E-C7D9-4A9C-BD64-41877EDF88EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.58\",\"matchCriteriaId\":\"6B9489BC-825E-4EEE-8D93-F93C801988C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.8\",\"versionEndExcluding\":\"6.11.5\",\"matchCriteriaId\":\"DEA3578E-BB87-4486-90C9-D07BD36965C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.