Add CVE-2024-2201/nativebhi

author: Salvatore Bonaccorso <carnil@debian.org> 2024-04-09 19:20:57 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2024-04-09 19:20:57 +0200
commit: 7ade9f30444efa20496b308da6317904348f0fd2 (patch)
tree: c12286e37915eff177b95b2384ebe3f163a19076 /data
parent: fee37cb325a989842a5c9b09a59606e24afe8803 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 88b836a5d7..031c12c279 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,11 @@
+CVE-2024-2201 [Native Branch History Injection]
+	- linux <unfixed>
+	- xen <unfixed>
+	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
+	[buster] - xen <end-of-life> (DSA 4677-1)
+	NOTE: https://www.openwall.com/lists/oss-security/2024/04/09/15
+	NOTE: https://vusec.net/projects/native-bhi
+	NOTE: https://xenbits.xen.org/xsa/advisory-456.html
 CVE-2024-31142 [x86: Incorrect logic for BTC/SRSO mitigations]
 	- xen <unfixed>
 	[bullseye] - xen <end-of-life> (EOLed in Bullseye)
author	Salvatore Bonaccorso <carnil@debian.org>	2024-04-09 19:20:57 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2024-04-09 19:20:57 +0200
commit	7ade9f30444efa20496b308da6317904348f0fd2 (patch)
tree	c12286e37915eff177b95b2384ebe3f163a19076 /data
parent	fee37cb325a989842a5c9b09a59606e24afe8803 (diff)