{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-53241", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-11-19T17:17:25.026Z", "datePublished": "2024-12-24T09:24:42.212Z", "dateUpdated": "2025-05-04T09:56:48.923Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:56:48.923Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: don't do PV iret hypercall through hypercall page\n\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\n\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\n\nThis is part of XSA-466 / CVE-2024-53241."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/xen/xen-asm.S"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c7b4cfa6213a44fa48714186dfdf125072d036e3", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "fa719857f613fed94a79da055b13ca51214c694f", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "82c211ead1ec440dbf81727e17b03b5e3c44b93d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f7c3fdad0a474062d566aae3289d490d7e702d30", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/xen/xen-asm.S"], "versions": [{"version": "5.10.232", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.175", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.121", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.67", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.6", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.232"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.175"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.67"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.12.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5"}, {"url": "https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3"}, {"url": "https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f"}, {"url": "https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d"}, {"url": "https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30"}, {"url": "https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906"}], "title": "x86/xen: don't do PV iret hypercall through hypercall page", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://xenbits.xen.org/xsa/advisory-466.html"}, {"url": "http://www.openwall.com/lists/oss-security/2024/12/17/2"}, {"url": "http://www.openwall.com/lists/oss-security/2024/12/23/1"}, {"url": "http://www.openwall.com/lists/oss-security/2025/01/05/1"}, {"url": "http://www.openwall.com/lists/oss-security/2025/01/05/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-01-05T07:02:44.547Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "67E29432-2149-4D12-92C4-2808DE4E0D76", "versionEndExcluding": "5.10.232", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A1F3620-6900-4852-9229-C3527377EBDA", "versionEndExcluding": "5.15.175", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DA16A0-9C6E-493E-90EE-309A34901477", "versionEndExcluding": "6.1.121", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF4F2CD1-2CA6-4D6B-9B0C-57C3C4D6544A", "versionEndExcluding": "6.6.67", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CB1A9BB-F95E-43DD-A2FD-147912FD91E5", "versionEndExcluding": "6.12.6", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: don't do PV iret hypercall through hypercall page\n\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\n\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\n\nThis is part of XSA-466 / CVE-2024-53241."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/xen: no realizar la hiperllamada de PV iret a trav\u00e9s de la p\u00e1gina de hiperllamada En lugar de saltar a la p\u00e1gina de hiperllamada de Xen para realizar la hiperllamada iret, codificar directamente la secuencia requerida en xen-asm.S. Esto se hace como preparaci\u00f3n para no utilizar m\u00e1s la p\u00e1gina de hiperllamada, ya que se ha demostrado que causa problemas con las mitigaciones de especulaci\u00f3n. Esto es parte de XSA-466 / CVE-2024-53241."}], "id": "CVE-2024-53241", "lastModified": "2025-10-08T14:48:44.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-12-24T10:15:06.640", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/12/17/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/12/23/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2025/01/05/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2025/01/05/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://xenbits.xen.org/xsa/advisory-466.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:3894", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.50.1.rt7.391.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-04-15T00:00:00Z"}, {"advisory": "RHSA-2025:3893", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.50.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-04-15T00:00:00Z"}], "bugzilla": {"description": "kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)", "id": "2331326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331326"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.7", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-119", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nx86/xen: don't do PV iret hypercall through hypercall page\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\nThis is part of XSA-466 / CVE-2024-53241."], "name": "CVE-2024-53241", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2024-12-17T12:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-53241\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-53241"], "threat_severity": "Moderate"}

{}