Bug 2366089 (CVE-2025-24495)
| Summary: | CVE-2025-24495 microcode_ctl: From CVEorg collector | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in the Branch Prediction Unit (BPU) of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier (IBPB) protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with local privileges could use this bypass to exfiltrate sensitive data from an affected system, including from host hypervisors or neighboring guests in virtualized environments.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-05-13 22:01:34 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:10103 https://access.redhat.com/errata/RHSA-2025:10103 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:10102 https://access.redhat.com/errata/RHSA-2025:10102 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:10101 https://access.redhat.com/errata/RHSA-2025:10101 |