AI description
CVE-2024-28956 involves the exposure of sensitive information in shared microarchitectural structures during transient execution on some Intel processors. An authenticated local user could potentially extract sensitive information by exploiting microarchitectural weaknesses. This vulnerability affects the Linux kernel via cBPF, where direct branches may be predicted. Oracle has released security updates to address this vulnerability.
- Description
- Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- Source
- secure@intel.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 5.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 5.6
- Impact score
- 4
- Exploitability score
- 1.1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
URGENT: #Fedora42 users! 🐧 Xen hypervisor XSA-469 (CVE-2024-28956) allows VM escape via indirect branch prediction. Patch NOW: dnf upgrade --advisory FEDORA-2025-b3d59fca78 Read more: 👉 https://t.co/BDl4SWwGXw #Cybersecurity #SysAdmin https://t.co/Y0qEDcAuTf
@Cezar_H_Linux
18 May 2025
60 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
Researchers discovered Intel CPU flaws CVE-2024-28956 and CVE-2025-24495 that leak kernel memory and revive Spectre v2 attacks. Patches are available but the risk spans many modern processors. #IntelSecurity #CPUFlaws #SpectreV2 #MemoryLeak #CyberThreats #DataProtection https://t
@CloneSystemsInc
16 May 2025
49 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
💻 Spectre Isn’t Dead. It’s Mutating! New CPU flaw hits ALL modern Intel chips. 🛠 Researchers at ETH Zurich and VUSec uncovered Spectre-style Intel CPU flaws (CVE-2024-45332, CVE-2024-28956, CVE-2025-24495) that leak memory across users, guests, and ... https://t.co/FnN
@IT_news_for_all
16 May 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💻 Spectre Isn’t Dead. It’s Mutating! New CPU flaw hits ALL modern Intel chips. 🛠 Researchers at ETH Zurich and VUSec uncovered Spectre-style Intel CPU flaws (CVE-2024-45332, CVE-2024-28956, CVE-2025-24495) that leak memory across users, guests, and hosts—at rates up
@TheHackersNews
16 May 2025
17623 Impressions
60 Retweets
107 Likes
20 Bookmarks
1 Reply
5 Quotes
🚨 URGENT for #Linux Admins! 🚨 The latest Unbreakable Enterprise Kernel update fixes CVE-2024-28956, a severe x86 security flaw. If you manage cloud servers, financial systems, or Kubernetes clusters, patch now ! Read more: 👉 https://t.co/KSkq0kuKEb #CyberSecurity #DevOp
@Cezar_H_Linux
14 May 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-28956, これも Intel CPU でだけ投機的実行でホストのメモリが推測できるかもみたいなやつかあ https://t.co/6VQyWaAqyg
@apstndb
12 May 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Compute Engine update on May 12, 2025 https://t.co/hXL9uJsr2F #googlecloud A vulnerability (CVE-2024-28956) affecting Intel Cascade Lake processors and Intel Ice Lake processors was discovered and is being addressed 1/3
@gcpweekly
12 May 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes