CVE-2024-50112

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 5, 2024
Updated: Nov 8, 2024

Summary

CVE-2024-50112: A vulnerability has been identified in the Linux kernel's x86/lam component. This issue involves Linear Address Masking (LAM), which can be exploited due to a weakness related to transient execution, as detailed in the SLAM paper. Until the kernel supports Linear Address Space Separation (LASS), LAM should only be enabled for COMPILE_TEST or when CPU mitigations have been disabled at compile time. Currently, no processors on the market support LAM, so no one is affected by this issue. [Reference: SLAM paper, LASS documentation]

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share