CVE-2024-50193

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de", "name": "https://git.kernel.org/stable/c/6f44a5fc15b5cece0785bc07453db77d99b0a6de", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a", "name": "https://git.kernel.org/stable/c/b6400eb0b347821efc57760221f8fb6d63b9548a", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b", "name": "https://git.kernel.org/stable/c/43778de19d2ef129636815274644b9c16e78c66b", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de", "name": "https://git.kernel.org/stable/c/227358e89703c344008119be7e8ffa3fdb5b92de", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc", "name": "https://git.kernel.org/stable/c/64adf22c4bc73ede920baca5defefb70f190cdbc", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9", "name": "https://git.kernel.org/stable/c/48a2440d0f20c826b884e04377ccc1e4696c84e9", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-50193", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}}, "publishedDate": "2024-11-08T06:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.58", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.114", "versionStartIncluding": "5.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.169", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.11.5", "versionStartIncluding": "6.8"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.228"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-11-29T19:29Z"}