CVE-2024-28956
Published: May 15, 2025Last modified: May 23, 2025
Description
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.6 |
| Attack Vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | CHANGED |
| Confidentiality | HIGH |
| Integrity impact | NONE |
| Availability impact | NONE |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | intel-ucode | Fixed (20250512-r0) |
| linux-lts | Unknown (6.1.33-r0) | ||
| Stream | intel-ucode | Fixed (20250512-r0) | |
| linux-lts | Unknown (6.1.33-r0) |