CVE-2024-53241

MEDIUM EPSS 22.0%
Published Dec 24, 2024 (1y ago) · Modified Jun 17, 2026 (2w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

x86/xen: don't do PV iret hypercall through hypercall page

Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S.

This is done in preparation of no longer using hypercall page at all, as it has shown to cause problems with speculation mitigations.

This is part of XSA-466 / CVE-2024-53241.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Threat Intelligence

EPSS Exploit Probability
22.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

Vendor  Product       Version  Range
linux   linux_kernel  *        <5.10.232
linux   linux_kernel  *        ≥5.11 – <5.15.175
linux   linux_kernel  *        ≥5.16 – <6.1.121
linux   linux_kernel  *        ≥6.2 – <6.6.67
linux   linux_kernel  *        ≥6.7 – <6.12.6
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any
linux   linux_kernel  6.13     any

References 13

  • openwall.com http://www.openwall.com/lists/oss-security/2024/12/17/2
    Mailing List
  • openwall.com http://www.openwall.com/lists/oss-security/2024/12/23/1
    Mailing List
  • openwall.com http://www.openwall.com/lists/oss-security/2025/01/05/1
    Mailing List
  • openwall.com http://www.openwall.com/lists/oss-security/2025/01/05/2
    Mailing List
  • xenbits.xen.org http://xenbits.xen.org/xsa/advisory-466.html
    Third Party Advisory
  • git.kernel.org https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f
    Patch