Stay Connected:

CVE-2024-2201

CVE Details

Release Date:2024-04-09

Description


A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.

See more information about CVE-2024-2201 from MITRE CVE dictionary and NIST NVD


CVSS Scoring


NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score: 4.7 CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Local network Attack Complexity: High
Privileges Required: Low User Interaction: None
Scope: Unchanged Confidentiality Impact: High
Integrity Impact: None Availability Impact: None

Errata information


PlatformErrataRelease Date
Oracle Linux version 7 (kernel-uek)ELSA-2024-122712024-04-08
Oracle Linux version 7 (kernel-uek)ELSA-2024-123772024-05-13
Oracle Linux version 7 (kernel-uek-container)ELSA-2024-122742024-04-08
Oracle Linux version 7 (kernel-uek-container)ELSA-2024-123802024-05-13
Oracle Linux version 8 (kernel)ELSA-2024-51012024-08-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-122712024-04-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-122722024-04-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-123772024-05-13
Oracle Linux version 8 (kernel-uek)ELSA-2024-123852024-05-15
Oracle Linux version 8 (kernel-uek-container)ELSA-2024-122752024-04-08
Oracle Linux version 8 (kernel-uek-container)ELSA-2024-123802024-05-13
Oracle Linux version 9 (kernel)ELSA-2024-86172024-10-30
Oracle Linux version 9 (kernel-uek)ELSA-2024-122722024-04-08
Oracle Linux version 9 (kernel-uek)ELSA-2024-123852024-05-15


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights