CVE-2024-2193
5.7
MEDIUM
CVSS 3.1
EPSS 1.1%
Description
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
How to fix CVE-2024-2193
To remediate CVE-2024-2193, upgrade the affected package to a fixed version below.
- Alpine/xen—upgrade to 4.16.5-r7 or later
- —no fix listed
- —no fix listed
Is CVE-2024-2193 being exploited?
Low — EPSS is 1.1%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 4.16.5-r7
- from 0
- from 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.7 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N |