Stay Connected:

CVE-2024-2201

CVE Details

Release Date:2024-04-09
Impact:Moderate What is this?

Description


A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information.

See more information about CVE-2024-2201 from MITRE CVE dictionary and NIST NVD


NOTE: The following CVSS metrics and score provided are preliminary and subject to review.


CVSS v3 metrics

Base Score: 4.7
Vector String: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None

Errata information


PlatformErrataRelease Date
Oracle Linux version 7 (kernel-uek)ELSA-2024-122712024-04-08
Oracle Linux version 7 (kernel-uek)ELSA-2024-123772024-05-13
Oracle Linux version 7 (kernel-uek-container)ELSA-2024-122742024-04-08
Oracle Linux version 7 (kernel-uek-container)ELSA-2024-123802024-05-13
Oracle Linux version 8 (kernel)ELSA-2024-51012024-08-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-122712024-04-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-122722024-04-08
Oracle Linux version 8 (kernel-uek)ELSA-2024-123772024-05-13
Oracle Linux version 8 (kernel-uek)ELSA-2024-123852024-05-15
Oracle Linux version 8 (kernel-uek-container)ELSA-2024-122752024-04-08
Oracle Linux version 8 (kernel-uek-container)ELSA-2024-123802024-05-13
Oracle Linux version 9 (kernel)ELSA-2024-86172024-10-30
Oracle Linux version 9 (kernel-uek)ELSA-2024-122722024-04-08
Oracle Linux version 9 (kernel-uek)ELSA-2024-123852024-05-15


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights