{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-50112", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-10-21T19:36:19.947Z", "datePublished": "2024-11-05T17:10:44.623Z", "dateUpdated": "2024-11-05T17:10:44.623Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T17:10:44.623Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lam: Disable ADDRESS_MASKING in most cases\n\nLinear Address Masking (LAM) has a weakness related to transient\nexecution as described in the SLAM paper[1]. Unless Linear Address\nSpace Separation (LASS) is enabled this weakness may be exploitable.\n\nUntil kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,\nor when speculation mitigations have been disabled at compile time,\notherwise keep LAM disabled.\n\nThere are no processors in market that support LAM yet, so currently\nnobody is affected by this issue.\n\n[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf\n[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/\n\n[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/Kconfig"], "versions": [{"version": "1da177e4c3f4", "lessThan": "60a5ba560f29", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "690599066488", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "3267cb6d3a17", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/Kconfig"], "versions": [{"version": "6.6.59", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.6", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12-rc5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/60a5ba560f296ad8da153f6ad3f70030bfa3958f"}, {"url": "https://git.kernel.org/stable/c/690599066488d16db96ac0d6340f9372fc56f337"}, {"url": "https://git.kernel.org/stable/c/3267cb6d3a174ff83d6287dcd5b0047bbd912452"}], "title": "x86/lam: Disable ADDRESS_MASKING in most cases", "x_generator": {"engine": "bippy-9e1c9544281a"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F471FD6-0481-4141-8A03-00D7CE67C49C", "versionEndExcluding": "6.6.59", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1", "versionEndExcluding": "6.11.6", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lam: Disable ADDRESS_MASKING in most cases\n\nLinear Address Masking (LAM) has a weakness related to transient\nexecution as described in the SLAM paper[1]. Unless Linear Address\nSpace Separation (LASS) is enabled this weakness may be exploitable.\n\nUntil kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,\nor when speculation mitigations have been disabled at compile time,\notherwise keep LAM disabled.\n\nThere are no processors in market that support LAM yet, so currently\nnobody is affected by this issue.\n\n[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf\n[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/\n\n[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/lam: Deshabilitar ADDRESS_MASKING en la mayor\u00eda de los casos. El enmascaramiento de direcciones lineales (LAM) tiene una debilidad relacionada con la ejecuci\u00f3n transitoria como se describe en el documento SLAM[1]. A menos que se habilite la separaci\u00f3n del espacio de direcciones lineales (LASS), esta debilidad puede ser explotable. Hasta que el kernel agregue soporte para LASS[2], solo permita LAM para COMPILE_TEST, o cuando las mitigaciones de especulaci\u00f3n se hayan deshabilitado en el momento de la compilaci\u00f3n, de lo contrario, mantenga LAM deshabilitado. No hay procesadores en el mercado que admitan LAM todav\u00eda, por lo que actualmente nadie se ve afectado por este problema. [1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf [2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ [ dhansen: actualizaci\u00f3n MITIGACIONES_DE_ESPECULACI\u00d3N -> MITIGACIONES_DE_CPU ]"}], "id": "CVE-2024-50112", "lastModified": "2024-11-08T20:36:03.797", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-05T18:15:14.497", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3267cb6d3a174ff83d6287dcd5b0047bbd912452"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/60a5ba560f296ad8da153f6ad3f70030bfa3958f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/690599066488d16db96ac0d6340f9372fc56f337"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: x86/lam: Disable ADDRESS_MASKING in most cases", "id": "2323925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323925"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nx86/lam: Disable ADDRESS_MASKING in most cases\nLinear Address Masking (LAM) has a weakness related to transient\nexecution as described in the SLAM paper[1]. Unless Linear Address\nSpace Separation (LASS) is enabled this weakness may be exploitable.\nUntil kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,\nor when speculation mitigations have been disabled at compile time,\notherwise keep LAM disabled.\nThere are no processors in market that support LAM yet, so currently\nnobody is affected by this issue.\n[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf\n[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/\n[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]"], "name": "CVE-2024-50112", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-11-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-50112\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-50112\nhttps://lore.kernel.org/linux-cve-announce/2024110555-CVE-2024-50112-37de@gregkh/T"], "threat_severity": "Moderate"}