CVE-2024-2201: CVE-2024-2201

Description

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

Classification

CVE ID: CVE-2024-2201

Affected Products

Vendor: Xen

Product: Xen

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 15.23% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

Timeline

2024-12-20 00:32:53 UTC
CVE

CVE-2024-2201
2025-03-27 12:15:25 UTC
Tenable Plugins

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:1027-1)