CVE-2024-11149
CVSS 3.1 Score 7.9 of 10 (high)
Details
Published Dec 6, 2024
Summary
CVE-2024-11149 is a vulnerability affecting OpenBSD 7.4 and earlier versions before errata 014. This issue stems from a flaw in vmm(4), the virtual memory driver, where GDTR (Global Descriptor Table Register) limits are not properly restored on Intel VMX CPUs. An attacker could potentially exploit this vulnerability to gain unauthorized privileged access and manipulate the system's memory, leading to potential data theft or system compromise. Users are advised to apply the relevant patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- OpenBSD
Affected Vendors
- OpenBSD Project