Back

CVE-2024-31142

May 16, 2024, 3:44 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Xen Hypervisor

Source

security@xen.org

Tags

2024-05-16
security@xen.org
CVE-2024-31142

CVE-2024-31142 details

Published : May 16, 2024, 2:15 p.m.
Last Modified : May 16, 2024, 3:44 p.m.

Description

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html https://xenbits.xen.org/xsa/advisory-434.html

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://xenbits.xenproject.org/xsa/advisory-455.html security@xen.org
This website uses the NVD API, but is not approved or certified by it.