CVE-2024-11149

Published Dec 6, 2024

Last updated 9 months ago

CVSS medium 6.2

Overview

Description: In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
Source: 9119a7d8-5eab-497f-8521-727c672e3725
NVD status: Analyzed
Products: openbsd

Risk scores

CVSS 4.0

Type: Secondary
Base score: 6.2
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Severity: MEDIUM

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

CVE-2024-11149 (CVSS:7.9, HIGH) is Awaiting Analysis. In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs...https://t.co/2abnyJRnTh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
11 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D679C29F-8245-4A14-AC52-BC9F5EF8DC9B",
            "versionEndExcluding": "7.4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "AC3B964B-B0DA-4ED4-92CA-22CA55FB1799",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_001:*:*:*:*:*:*",
            "matchCriteriaId": "6AFCBC1B-71F7-48E0-B276-8FDC3150E6CD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_002:*:*:*:*:*:*",
            "matchCriteriaId": "DD66EC2F-ACFA-436D-81AB-AB1B0DF9A262",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_003:*:*:*:*:*:*",
            "matchCriteriaId": "17D59A8B-EAE5-4E22-939A-EB7DF64A6F77",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_004:*:*:*:*:*:*",
            "matchCriteriaId": "B6CAD278-E505-40F7-9FDB-EF46E38CBECA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_005:*:*:*:*:*:*",
            "matchCriteriaId": "985AA19C-C3F9-4DD3-BFE8-CF481D6FFC42",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_006:*:*:*:*:*:*",
            "matchCriteriaId": "86698949-1025-4EFA-814C-D66DF8FC22E9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_007:*:*:*:*:*:*",
            "matchCriteriaId": "04776818-C23B-460A-81C2-FF0E99DFD7CE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_008:*:*:*:*:*:*",
            "matchCriteriaId": "2A491657-819C-407D-8CE7-3F22857C20D4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_009:*:*:*:*:*:*",
            "matchCriteriaId": "8BB8DEB9-C6D2-443E-AF59-6F9041511F14",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_010:*:*:*:*:*:*",
            "matchCriteriaId": "5B950A6E-CF52-46BF-8ACA-EB7013406BD6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_011:*:*:*:*:*:*",
            "matchCriteriaId": "7127734F-4434-4A81-842E-6C4263118DE5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_012:*:*:*:*:*:*",
            "matchCriteriaId": "61C72FF4-2FCA-4DF6-A290-E9DBDA960F7E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.4:errata_013:*:*:*:*:*:*",
            "matchCriteriaId": "593087F6-2F44-42E7-97E8-8892A9039F8A",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 4.0

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References