VDB
ALPINE-CVE-2024-28956
ALPINE-CVE-2024-28956
PUBLISHED
CVSS 5.699999809265137 MEDIUM
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Risk Scores
CVSS v4.0
5.699999809265137
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.21 | xen | 4.7.0-r3, 0, 4.0.1-r2 |
| Alpine:v3.22 | xen | 4.1.1-r0, 4.4.1-r3, 4.4.1-r2 |
| Alpine:v3.19 | xen | 0, 4.9.1-r3, 4.9.1-r2 |
| Alpine:v3.19 | intel-ucode | 20250211-r0, *, 20231114-r0 |
| Alpine:v3.20 | xen | 4.9.1-r3, 4.0.1-r1, 4.0.1-r2 |
| Alpine:v3.23 | xen | 4.10.1-r1, 0, 4.0.1-r0 |
| Alpine:v3.18 | intel-ucode | 20170511-r0, 20130222-r0, 0 |
| Alpine:v3.21 | intel-ucode | 20210608-r0, 20201112-r0, 20201110-r0 |
| Alpine:v3.23 | intel-ucode | 20210608-r0, 20210216-r0, 20201112-r0 |
| Alpine:v3.20 | intel-ucode | 20180312-r0, 20250211-r0, 0 |
| Alpine:v3.22 | intel-ucode | 20191115-r0, 0, 20130222-r0 |
| Alpine:v3.18 | xen | 4.3.2-r2, 4.3.2-r0, 4.3.1-r3 |
Timeline
- May 13, 2025 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch