CVE-2024-53114

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a random host reboot. These instructions aren't intended to be advertised on Zen4 client so clear the capability.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0	Patch
https://git.kernel.org/stable/c/a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc7::::::

History

11 Dec 2024, 20:30

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.12:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/CPU/AMD: Borrar VMLOAD/VMSAVE virtualizado en el cliente Zen4 Varios SoC de cliente Zen4 anuncian la capacidad de usar VMLOAD/VMSAVE virtualizado, pero se informa que el uso de estas instrucciones es la causa de un reinicio aleatorio del host. Estas instrucciones no están destinadas a ser anunciadas en el cliente Zen4, por lo que se debe borrar la capacidad.
References	~~() https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0 -~~	() https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0 - Patch
References	~~() https://git.kernel.org/stable/c/a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0 -~~	() https://git.kernel.org/stable/c/a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0 - Patch

02 Dec 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-02 14:15

Updated : 2024-12-11 20:30

NVD link : CVE-2024-53114

Mitre link : CVE-2024-53114

CVE.ORG link : CVE-2024-53114

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10