VAR-202403-0812
Vulnerability from variot - Updated: 2025-12-19 21:25A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. Security researchers have labeled this variant of the Spectre v1 vulnerability “GhostRace", for ease of communication.CVE-2024-2193 AffectedCVE-2024-2193 Affected. AMD CPUs are a series of CPUs manufactured by AMD.
AMD CPUs contain a race condition vulnerability. This vulnerability stems from improper handling of concurrent access when concurrent code needs to access shared resources mutually exclusively during network system or product operation. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-10
https://security.gentoo.org/
Severity: Normal Title: Xen: Multiple Vulnerabilities Date: September 22, 2024 Bugs: #918669, #921355, #923741, #928620, #929038 ID: 202409-10
Synopsis
Multiple vulnerabilities have been discovered in Xen, the worst of which could lead to privilege escalation.
Background
Xen is a bare-metal hypervisor.
Affected packages
Package Vulnerable Unaffected
app-emulation/xen < 4.17.4 >= 4.17.4
Description
Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.17.4"
References
[ 1 ] CVE-2022-4949 https://nvd.nist.gov/vuln/detail/CVE-2022-4949 [ 2 ] CVE-2022-42336 https://nvd.nist.gov/vuln/detail/CVE-2022-42336 [ 3 ] CVE-2023-28746 https://nvd.nist.gov/vuln/detail/CVE-2023-28746 [ 4 ] CVE-2023-34319 https://nvd.nist.gov/vuln/detail/CVE-2023-34319 [ 5 ] CVE-2023-34320 https://nvd.nist.gov/vuln/detail/CVE-2023-34320 [ 6 ] CVE-2023-34321 https://nvd.nist.gov/vuln/detail/CVE-2023-34321 [ 7 ] CVE-2023-34322 https://nvd.nist.gov/vuln/detail/CVE-2023-34322 [ 8 ] CVE-2023-34323 https://nvd.nist.gov/vuln/detail/CVE-2023-34323 [ 9 ] CVE-2023-34324 https://nvd.nist.gov/vuln/detail/CVE-2023-34324 [ 10 ] CVE-2023-34325 https://nvd.nist.gov/vuln/detail/CVE-2023-34325 [ 11 ] CVE-2023-34327 https://nvd.nist.gov/vuln/detail/CVE-2023-34327 [ 12 ] CVE-2023-34328 https://nvd.nist.gov/vuln/detail/CVE-2023-34328 [ 13 ] CVE-2023-46835 https://nvd.nist.gov/vuln/detail/CVE-2023-46835 [ 14 ] CVE-2023-46836 https://nvd.nist.gov/vuln/detail/CVE-2023-46836 [ 15 ] CVE-2023-46837 https://nvd.nist.gov/vuln/detail/CVE-2023-46837 [ 16 ] CVE-2023-46839 https://nvd.nist.gov/vuln/detail/CVE-2023-46839 [ 17 ] CVE-2023-46840 https://nvd.nist.gov/vuln/detail/CVE-2023-46840 [ 18 ] CVE-2023-46841 https://nvd.nist.gov/vuln/detail/CVE-2023-46841 [ 19 ] CVE-2023-46842 https://nvd.nist.gov/vuln/detail/CVE-2023-46842 [ 20 ] CVE-2024-2193 https://nvd.nist.gov/vuln/detail/CVE-2024-2193 [ 21 ] CVE-2024-31142 https://nvd.nist.gov/vuln/detail/CVE-2024-31142 [ 22 ] XSA-431 https://xenbits.xen.org/xsa/advisory-431.html [ 23 ] XSA-432 https://xenbits.xen.org/xsa/advisory-432.html [ 24 ] XSA-436 https://xenbits.xen.org/xsa/advisory-436.html [ 25 ] XSA-437 https://xenbits.xen.org/xsa/advisory-437.html [ 26 ] XSA-438 https://xenbits.xen.org/xsa/advisory-438.html [ 27 ] XSA-439 https://xenbits.xen.org/xsa/advisory-439.html [ 28 ] XSA-440 https://xenbits.xen.org/xsa/advisory-440.html [ 29 ] XSA-441 https://xenbits.xen.org/xsa/advisory-441.html [ 30 ] XSA-442 https://xenbits.xen.org/xsa/advisory-442.html [ 31 ] XSA-447 https://xenbits.xen.org/xsa/advisory-447.html [ 32 ] XSA-449 https://xenbits.xen.org/xsa/advisory-449.html [ 33 ] XSA-450 https://xenbits.xen.org/xsa/advisory-450.html [ 34 ] XSA-451 https://xenbits.xen.org/xsa/advisory-451.html [ 35 ] XSA-452 https://xenbits.xen.org/xsa/advisory-452.html [ 36 ] XSA-453 https://xenbits.xen.org/xsa/advisory-453.html [ 37 ] XSA-454 https://xenbits.xen.org/xsa/advisory-454.html [ 38 ] XSA-455 https://xenbits.xen.org/xsa/advisory-455.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202409-10
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202403-0812",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cpu",
"scope": null,
"trust": 0.6,
"vendor": "amd",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-29750"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Statement Date:\u00a0\u00a0 March 01, 2024",
"sources": [
{
"db": "CERT/CC",
"id": "VU#488902"
}
],
"trust": 0.8
},
"cve": "CVE-2024-2193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.2,
"id": "CNVD-2025-29750",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2024-2193",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-2193",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2025-29750",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. Security researchers have labeled this variant of the Spectre v1 vulnerability \u201cGhostRace\", for ease of communication.CVE-2024-2193 AffectedCVE-2024-2193 Affected. AMD CPUs are a series of CPUs manufactured by AMD. \n\nAMD CPUs contain a race condition vulnerability. This vulnerability stems from improper handling of concurrent access when concurrent code needs to access shared resources mutually exclusively during network system or product operation. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202409-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Xen: Multiple Vulnerabilities\n Date: September 22, 2024\n Bugs: #918669, #921355, #923741, #928620, #929038\n ID: 202409-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Xen, the worst of which\ncould lead to privilege escalation. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n----------------- ------------ ------------\napp-emulation/xen \u003c 4.17.4 \u003e= 4.17.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.17.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2022-4949\n https://nvd.nist.gov/vuln/detail/CVE-2022-4949\n[ 2 ] CVE-2022-42336\n https://nvd.nist.gov/vuln/detail/CVE-2022-42336\n[ 3 ] CVE-2023-28746\n https://nvd.nist.gov/vuln/detail/CVE-2023-28746\n[ 4 ] CVE-2023-34319\n https://nvd.nist.gov/vuln/detail/CVE-2023-34319\n[ 5 ] CVE-2023-34320\n https://nvd.nist.gov/vuln/detail/CVE-2023-34320\n[ 6 ] CVE-2023-34321\n https://nvd.nist.gov/vuln/detail/CVE-2023-34321\n[ 7 ] CVE-2023-34322\n https://nvd.nist.gov/vuln/detail/CVE-2023-34322\n[ 8 ] CVE-2023-34323\n https://nvd.nist.gov/vuln/detail/CVE-2023-34323\n[ 9 ] CVE-2023-34324\n https://nvd.nist.gov/vuln/detail/CVE-2023-34324\n[ 10 ] CVE-2023-34325\n https://nvd.nist.gov/vuln/detail/CVE-2023-34325\n[ 11 ] CVE-2023-34327\n https://nvd.nist.gov/vuln/detail/CVE-2023-34327\n[ 12 ] CVE-2023-34328\n https://nvd.nist.gov/vuln/detail/CVE-2023-34328\n[ 13 ] CVE-2023-46835\n https://nvd.nist.gov/vuln/detail/CVE-2023-46835\n[ 14 ] CVE-2023-46836\n https://nvd.nist.gov/vuln/detail/CVE-2023-46836\n[ 15 ] CVE-2023-46837\n https://nvd.nist.gov/vuln/detail/CVE-2023-46837\n[ 16 ] CVE-2023-46839\n https://nvd.nist.gov/vuln/detail/CVE-2023-46839\n[ 17 ] CVE-2023-46840\n https://nvd.nist.gov/vuln/detail/CVE-2023-46840\n[ 18 ] CVE-2023-46841\n https://nvd.nist.gov/vuln/detail/CVE-2023-46841\n[ 19 ] CVE-2023-46842\n https://nvd.nist.gov/vuln/detail/CVE-2023-46842\n[ 20 ] CVE-2024-2193\n https://nvd.nist.gov/vuln/detail/CVE-2024-2193\n[ 21 ] CVE-2024-31142\n https://nvd.nist.gov/vuln/detail/CVE-2024-31142\n[ 22 ] XSA-431\n https://xenbits.xen.org/xsa/advisory-431.html\n[ 23 ] XSA-432\n https://xenbits.xen.org/xsa/advisory-432.html\n[ 24 ] XSA-436\n https://xenbits.xen.org/xsa/advisory-436.html\n[ 25 ] XSA-437\n https://xenbits.xen.org/xsa/advisory-437.html\n[ 26 ] XSA-438\n https://xenbits.xen.org/xsa/advisory-438.html\n[ 27 ] XSA-439\n https://xenbits.xen.org/xsa/advisory-439.html\n[ 28 ] XSA-440\n https://xenbits.xen.org/xsa/advisory-440.html\n[ 29 ] XSA-441\n https://xenbits.xen.org/xsa/advisory-441.html\n[ 30 ] XSA-442\n https://xenbits.xen.org/xsa/advisory-442.html\n[ 31 ] XSA-447\n https://xenbits.xen.org/xsa/advisory-447.html\n[ 32 ] XSA-449\n https://xenbits.xen.org/xsa/advisory-449.html\n[ 33 ] XSA-450\n https://xenbits.xen.org/xsa/advisory-450.html\n[ 34 ] XSA-451\n https://xenbits.xen.org/xsa/advisory-451.html\n[ 35 ] XSA-452\n https://xenbits.xen.org/xsa/advisory-452.html\n[ 36 ] XSA-453\n https://xenbits.xen.org/xsa/advisory-453.html\n[ 37 ] XSA-454\n https://xenbits.xen.org/xsa/advisory-454.html\n[ 38 ] XSA-455\n https://xenbits.xen.org/xsa/advisory-455.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202409-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-2193"
},
{
"db": "CERT/CC",
"id": "VU#488902"
},
{
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"db": "PACKETSTORM",
"id": "181717"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-2193",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#488902",
"trust": 2.4
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/03/12/14",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2025-29750",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "177568",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "181717",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#488902"
},
{
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"db": "PACKETSTORM",
"id": "177568"
},
{
"db": "PACKETSTORM",
"id": "181717"
},
{
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"id": "VAR-202403-0812",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-29750"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-29750"
}
]
},
"last_update_date": "2025-12-19T21:25:15.264000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://xenbits.xen.org/xsa/advisory-453.html"
},
{
"trust": 1.6,
"url": "https://kb.cert.org/vuls/id/488902"
},
{
"trust": 1.0,
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zon4tlxg7tg4a2xzg563jmvtgqw4sf3a/"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/03/12/14"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/eiuicu6cvjuib6bpj7p5qtpqr5vobhfk/"
},
{
"trust": 1.0,
"url": "https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/h63lgaqxpevjoes73u4xk65i6dasoaag/"
},
{
"trust": 1.0,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23"
},
{
"trust": 1.0,
"url": "https://www.kb.cert.org/vuls/id/488902"
},
{
"trust": 1.0,
"url": "https://download.vusec.net/papers/ghostrace_sec24.pdf"
},
{
"trust": 1.0,
"url": "https://www.vusec.net/projects/ghostrace/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-2193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46841"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34324"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-455.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-28746"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202409-10"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-449.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34327"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34319"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-452.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46840"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-447.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34321"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-4949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-31142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46835"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-42336"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46836"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-440.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-438.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34320"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-442.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-432.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-46842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34322"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-436.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-450.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34325"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-441.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-439.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-454.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-437.html"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-431.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34328"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-34323"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-451.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"db": "PACKETSTORM",
"id": "177568"
},
{
"db": "PACKETSTORM",
"id": "181717"
},
{
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#488902"
},
{
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"db": "PACKETSTORM",
"id": "177568"
},
{
"db": "PACKETSTORM",
"id": "181717"
},
{
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#488902"
},
{
"date": "2025-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"date": "2024-03-13T15:32:11",
"db": "PACKETSTORM",
"id": "177568"
},
{
"date": "2024-09-23T14:27:44",
"db": "PACKETSTORM",
"id": "181717"
},
{
"date": "2024-03-15T18:15:08.530000",
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-03-15T00:00:00",
"db": "CERT/CC",
"id": "VU#488902"
},
{
"date": "2025-12-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-29750"
},
{
"date": "2025-04-30T23:16:01.667000",
"db": "NVD",
"id": "CVE-2024-2193"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions",
"sources": [
{
"db": "CERT/CC",
"id": "VU#488902"
}
],
"trust": 0.8
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.