DEBIAN-CVE-2024-2201

DEBIAN-CVE-2024-2201 PUBLISHED CVSS 4.699999809265137 MEDIUM

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

Risk Scores

CVSS v3.1

4.699999809265137

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:14	linux	0, 0, 0
Debian:14	xen	0, 0, 0
Debian:12	xen	, , *
Debian:11	linux	6.13.11-1~exp1, 6.12.5-1, *
Debian:11	xen	4.16.0-1~exp1, 4.16.1-1, 4.16.2+90-g0d39a6d1ae-1
Debian:12	linux	0, 6.1.38-4, 6.1.38-4~bpo11+1
Debian:13	xen	0, 0, 0
Debian:13	linux	0, 0, 0

Timeline

Dec 19, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-2201 advisory

Open in Interactive Console →