cnvd - cnvd-2025-29750

CNVD-2025-29750

Vulnerability from cnvd - Published: 2025-12-03

Title

AMD CPU竞争条件漏洞

Description

AMD CPU是AMD公司的一个系列CPU。 AMD CPU存在竞争条件漏洞，该漏洞源于网络系统或产品在运行过程中，并发代码需要互斥地访问共享资源时，对于并发访问的处理不当。攻击者可利用该漏洞推测执行代码路径，并从CPU中泄露任意数据。

Severity

中

Formal description

目前厂商尚未发布升级程序修复该安全问题，详情见厂商官网： https://www.amd.com/zh-cn.html

Reference

https://kb.cert.org/vuls/id/488902

Impacted products

Name
AMD AMD CPU

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-2193",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-2193"
    }
  },
  "description": "AMD CPU\u662fAMD\u516c\u53f8\u7684\u4e00\u4e2a\u7cfb\u5217CPU\u3002\n\nAMD CPU\u5b58\u5728\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u5728\u8fd0\u884c\u8fc7\u7a0b\u4e2d\uff0c\u5e76\u53d1\u4ee3\u7801\u9700\u8981\u4e92\u65a5\u5730\u8bbf\u95ee\u5171\u4eab\u8d44\u6e90\u65f6\uff0c\u5bf9\u4e8e\u5e76\u53d1\u8bbf\u95ee\u7684\u5904\u7406\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a8\u6d4b\u6267\u884c\u4ee3\u7801\u8def\u5f84\uff0c\u5e76\u4eceCPU\u4e2d\u6cc4\u9732\u4efb\u610f\u6570\u636e\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5c1a\u672a\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://www.amd.com/zh-cn.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-29750",
  "openTime": "2025-12-03",
  "products": {
    "product": "AMD AMD CPU"
  },
  "referenceLink": "https://kb.cert.org/vuls/id/488902",
  "serverity": "\u4e2d",
  "submitTime": "2024-03-19",
  "title": "AMD CPU\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e"
}

CVE-2024-2193 (GCVE-0-2024-2193)

Vulnerability from cvelistv5 – Published: 2024-03-15 18:03 – Updated: 2025-04-30 23:03

Summary

A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.

Severity ?

5.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Assigner

certcc

References

URL

Tags

	https://kb.cert.org/vuls/id/488902
	https://xenbits.xen.org/xsa/advisory-453.html
	https://www.vusec.net/projects/ghostrace/
	https://download.vusec.net/papers/ghostrace_sec24.pdf
	https://git.kernel.org/pub/scm/linux/kernel/git/t…
	https://ibm.github.io/system-security-research-up…
	https://www.amd.com/en/resources/product-security…
	https://www.kb.cert.org/vuls/id/488902
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	http://www.openwall.com/lists/oss-security/2024/0…

Impacted products

Vendor

Product

Version

AMD

CPU

Affected: See advisory AMD-SB-7016

Xen

Affected: consult Xen advisory XSA-453

Credits

Thanks to Hany Ragab and Cristiano Giuffrida from the VUSec group at VU Amsterdam and Andrea Mambretti and Anil Kurmus from IBM Research Europe, Zurich for discovering and reporting this vulnerability.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-2193",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-18T15:31:03.336472Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-362",
                "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-29T16:10:13.603Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-30T23:03:28.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/488902"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://xenbits.xen.org/xsa/advisory-453.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.vusec.net/projects/ghostrace/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.vusec.net/papers/ghostrace_sec24.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/488902"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/12/14"
          },
          {
            "url": "http://xenbits.xen.org/xsa/advisory-453.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CPU",
          "vendor": "AMD",
          "versions": [
            {
              "status": "affected",
              "version": "See advisory AMD-SB-7016"
            }
          ]
        },
        {
          "product": "Xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "affected",
              "version": "consult Xen advisory XSA-453"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks to Hany Ragab and Cristiano Giuffrida from the VUSec group at VU Amsterdam and Andrea Mambretti and Anil Kurmus from IBM Research Europe, Zurich for discovering and reporting this vulnerability."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:10:43.337Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://kb.cert.org/vuls/id/488902"
        },
        {
          "url": "https://xenbits.xen.org/xsa/advisory-453.html"
        },
        {
          "url": "https://www.vusec.net/projects/ghostrace/"
        },
        {
          "url": "https://download.vusec.net/papers/ghostrace_sec24.pdf"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=944d5fe50f3f03daacfea16300e656a1691c4a23"
        },
        {
          "url": "https://ibm.github.io/system-security-research-updates/2024/03/12/ghostrace"
        },
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7016.html"
        },
        {
          "url": "https://www.kb.cert.org/vuls/id/488902"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/12/14"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Speculative Race Condition impacts modern CPU architectures that support speculative execution, also known as GhostRace.",
      "x_generator": {
        "engine": "VINCE 2.1.11",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-2193"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2024-2193",
    "datePublished": "2024-03-15T18:03:32.844Z",
    "dateReserved": "2024-03-05T15:11:04.573Z",
    "dateUpdated": "2025-04-30T23:03:28.475Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-29750

CVE-2024-2193 (GCVE-0-2024-2193)

Tags

Sightings

Nomenclature