CVE-2024-31142

May 16, 2024, 3:44 p.m.

Product(s) Impacted

Xen Hypervisor

Description

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html https://xenbits.xen.org/xsa/advisory-434.html

Weaknesses

Date

Published: May 16, 2024, 2:15 p.m.

Last Modified: May 16, 2024, 3:44 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@xen.org

References