CVE-2024-2193 — GhostRace: Race Condition in Linux
Severity
5.7MEDIUMNVD
EPSS
0.9%
top 24.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 15
Latest updateNov 14
Description
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:NExploitability: 0.5 | Impact: 5.2
Affected Packages5 packages
🔴Vulnerability Details
2OSV▶
CVE-2024-2193: A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has be↗2024-03-15
GHSA▶
GHSA-3p53-237x-3cww: A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has be↗2024-03-15
📋Vendor Advisories
3Red Hat
▶
Red Hat▶
hw: Spectre-SRC that is Speculative Race Conditions (SRCs) for synchronization primitives similar like Spectre V1 with possibility to bypass software features (e.g., IPIs, high-precision timers, etc)↗2024-03-12
Debian▶
CVE-2024-2193: linux - A Speculative Race Condition (SRC) vulnerability that impacts modern CPU archite...↗2024
🕵️Threat Intelligence
2💬Community
1Bugzilla▶
CVE-2024-2193 hw: Spectre-SRC that is Speculative Race Conditions (SRCs) for synchronization primitives similar like Spectre V1 with possibility to bypass software features (e.g., IPIs, high-precision↗2024-01-31