DEBIAN-CVE-2024-2201

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2024-2201

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-2201.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-2201

Upstream

CVE-2024-2201

Published

2024-12-19T21:15:08Z

Modified

2025-09-19T07:33:48.514762Z

Summary

[none]

Details

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

References

https://security-tracker.debian.org/tracker/CVE-2024-2201

Affected packages

Debian:12

linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.85-1

Affected versions

6.*

6.1.27-1

6.1.37-1

6.1.38-1

6.1.38-2~bpo11+1

6.1.38-2

6.1.38-3

6.1.38-4~bpo11+1

6.1.38-4

6.1.52-1

6.1.55-1~bpo11+1

6.1.55-1

6.1.64-1

6.1.66-1

6.1.67-1

6.1.69-1~bpo11+1

6.1.69-1

6.1.76-1~bpo11+1

6.1.76-1

6.1.82-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.17.5+23-ga4e5191dc0-1

Affected versions

4.*

4.17.1+2-gb773c48e36-1

4.17.2-1

4.17.2+55-g0b56bed864-1

4.17.2+76-ge1f9cb16e2-1~deb12u1

4.17.2+76-ge1f9cb16e2-1

4.17.3+10-g091466ba55-1~deb12u1

4.17.3+10-g091466ba55-1

4.17.3+10-g091466ba55-1.1~exp1

4.17.3+10-g091466ba55-1.1~exp2

4.17.3+10-g091466ba55-1.1

4.17.3+36-g54dacb5c02-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13

linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.9-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.19.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14

linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.9-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.19.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}