CVE-2024-28956 | THREATINT

Description

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

PUBLISHED Reserved 2024-05-23 | Published 2025-05-13 | Updated 2025-11-03 | Assigner intel

MEDIUM: 5.7CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 5.6CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Problem types

Information Disclosure

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

References

xenbits.xen.org/xsa/advisory-469.html

www.openwall.com/lists/oss-security/2025/05/12/5

lists.debian.org/debian-lts-announce/2025/10/msg00007.html

lists.debian.org/debian-lts-announce/2025/08/msg00010.html

lists.debian.org/debian-lts-announce/2025/05/msg00021.html

intel.com/...en/security-center/advisory/intel-sa-01153.html

cve.org (CVE-2024-28956)

nvd.nist.gov (CVE-2024-28956)

Download JSON