CVE-2024-45332
CVE-2024-45332
5.7
MediumPublished:
Last updated:
Source:secure@intel.com
Deferred
CVSS Vector
v4.0- Attack Vector
- Local
- Attack Complexity
- High
- Attack Requirements
- Present
- Privileges Required
- Low
- User Interaction
- None
- Confidentiality (Vulnerable)
- High
- Integrity (Vulnerable)
- None
- Availability (Vulnerable)
- None
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
References
af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2025/05/13/7af854a3a-2127-422b-91ae-364da2661108
https://comsec.ethz.ch/research/microarch/branch-privilege-injection/af854a3a-2127-422b-91ae-364da2661108
https://lists.debian.org/debian-lts-announce/2025/05/msg00021.html