PT-2025-17629 · Intel+9 · Intel Processors+9
Published
2024-09-30
·
Updated
2025-11-26
·
CVE-2024-45332
CVSS v4.0
5.7
Medium
| Vector | AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Intel CPUs from 9th generation onward (affected versions not specified)
Description
The issue is related to a flaw in the branch predictor component of Intel CPUs, which can be exploited to leak sensitive data from privileged memory. This is due to a race condition in the branch predictor that allows attackers to influence the execution of instructions and potentially access protected information. The vulnerability can be exploited by authenticated users with local access, and it may allow the disclosure of sensitive information such as passwords, cryptographic keys, and other protected data. Researchers have demonstrated the exploitability of this issue, and it is considered a critical vulnerability.
Recommendations
As a temporary workaround, consider disabling the branch predictor component until a patch is available.
Apply the latest microcode updates from Intel to mitigate the vulnerability.
Restrict access to sensitive information and limit the use of affected systems until the issue is fully resolved.
Note: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
Race Condition
Information Disclosure
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Centos
Debian
Intel Processors
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu