{"uuid": "5410faba-450c-4166-9e10-cba22b75843d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53241", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/122", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-w2vx-fp9q-36ph\n\ud83d\udd17 Aliases: CVE-2024-53241\n\ud83d\udd39 Details: In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: don't do PV iret hypercall through hypercall page\n\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\n\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\n\nThis is part of XSA-466 / CVE-2024-53241.\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2024-12-24T12:30:42Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-53241\n2. https://git.kernel.org/stable/c/05df6e6cd9a6b8aee33c3c18c9f3b3566d4a5\n3. https://git.kernel.org/stable/c/82c211ead1ec440dbf812e1b03b5e3c44b93d\n4. https://git.kernel.org/stable/c/a296dff62d6c6bfc5fbebdf2bee0d5ac0438906\n5. https://git.kernel.org/stable/c/cb4cfa6213a44fa4814186dfdf12502d036e3\n6. https://git.kernel.org/stable/c/fc3fdad0a44062d566aae3289d490de02d30\n7. https://git.kernel.org/stable/c/fa1985f613fed94a9da055b13ca51214c694f\n8. http://www.openwall.com/lists/oss-security/2024/12/1/2\n9. http://www.openwall.com/lists/oss-security/2024/12/23/1\n10. http://www.openwall.com/lists/oss-security/2025/01/05/1\n11. http://www.openwall.com/lists/oss-security/2025/01/05/2\n12. http://xenbits.xen.org/xsa/advisory-466.html", "creation_timestamp": "2025-01-05T09:36:21.000000Z"}