PT-2024-34027 · Linux+6 · Linux Kernel+6

Dave Hansen

+1

·

Published

2024-10-08

·

Updated

2025-10-03

·

CVE-2024-50193

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A vulnerability in the Linux kernel has been resolved, related to the x86/entry 32 component. The issue involves the clearing of CPU buffers after register restoration in NMI return. Currently, CPU buffers are cleared after the call to exc nmi but before register state is restored, which may be sufficient for MDS mitigation but not for RDFS. RDFS mitigation requires CPU buffers to be cleared when registers do not contain sensitive data. The fix involves moving the CLEAR CPU BUFFERS operation after the RESTORE ALL NMI operation.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-14505
ALT-PU-2024-16172
ALT-PU-2024-17211
ALT-PU-2025-12647
AZL-53555
AZL-53790
BDU:2025-03472
CVE-2024-50193
DLA-4008-1
DLA-4075-1
OESA-2024-2446
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2025:14705-1
USN-7276-1
USN-7277-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7305-1
USN-7308-1
USN-7310-1
USN-7331-1
USN-7383-1
USN-7383-2
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7403-1
USN-7451-1
USN-7458-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Ubuntu