CVE-2024-2201: Medium severity Microsoft Windows Server 2012 R2 vulnerability
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent FineIBT, and to leak arbitrary Linux kernel memory on Intel systems.
Other sources
A native Spectre-v2 exploit against the Linux kernel on last-generation Intel CPUs, based on the recent BHI variant and able to leak arbitrary kernel memory at 3.5 kB/sec. This flaw involves a number of gadgets and exploitation techniques to bypass the recent FineIBT mitigation, along with a case study on a 13th Gen Intel CPU that can leak kernel memory at 18 bytes/sec.
Reference: https://www.openwall.com/lists/oss-security/2024/04/09/15 https://www.vusec.net/projects/native-bhi/ https://download.vusec.net/papers/inspectresec24.pdf
— Red Hat
Intel: CVE-2024-2201 Branch History Injection
— Microsoft
This CVE was assigned by Intel. Please see CVE-2024-2201 on CVE.org for more information.
— Microsoft
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-2201?
CVE-2024-2201 is classified as a high severity vulnerability due to its ability to bypass multiple mitigations in place.
How do I fix CVE-2024-2201?
To fix CVE-2024-2201, you need to apply the appropriate patches provided by Microsoft for the affected software versions.
What systems are affected by CVE-2024-2201?
CVE-2024-2201 affects various Microsoft Windows versions including Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11.
Is CVE-2024-2201 a remote exploit?
CVE-2024-2201 can be exploited remotely, allowing attackers to execute unauthorized code on vulnerable systems.
What is the nature of the vulnerability in CVE-2024-2201?
CVE-2024-2201 is a cross-privilege Spectre v2 vulnerability that allows attackers to bypass existing security mitigations.