CVE-2024-53241
Published Dec 24, 2024
Last updated 2 months ago
- Description
- In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer using hypercall page at all, as it has shown to cause problems with speculation mitigations. This is part of XSA-466 / CVE-2024-53241.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Awaiting Analysis
- Hype score
- Not currently trending
CVE-2024-53241 In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hyperca… https://t.co/GiJNXdcaGD
@CVEnew
24 Dec 2024
226 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Xen Security Advisory 465 v3 (CVE-2024-53240) - Backend can crash Linux netfront https://t.co/Q8bjvSmVhn Xen Security Advisory 466 v3 (CVE-2024-53241) - Xen hypercall page unsafe against speculative attacks https://t.co/D4HTnWfaX0
@oss_security
17 Dec 2024
184 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes