Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-75z3-vf7c-zkb2
Vulnerability ID VCID-75z3-vf7c-zkb2
Aliases CVE-2024-20952
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-385 Covert Timing Channel
System Score Found at
cvssv3 7.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json
epss 0.00319 https://api.first.org/data/v1/epss?cve=CVE-2024-20952
cvssv3.1 7.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.4 https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html
ssvc Track https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html
cvssv3.1 7.4 https://security.netapp.com/advisory/ntap-20240201-0002/
ssvc Track https://security.netapp.com/advisory/ntap-20240201-0002/
cvssv3.1 7.4 https://www.oracle.com/security-alerts/cpujan2024.html
ssvc Track https://www.oracle.com/security-alerts/cpujan2024.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json
https://api.first.org/data/v1/epss?cve=CVE-2024-20952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2257837 https://bugzilla.redhat.com/show_bug.cgi?id=2257837
cpujan2024.html https://www.oracle.com/security-alerts/cpujan2024.html
GLSA-202412-07 https://security.gentoo.org/glsa/202412-07
msg00023.html https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html
ntap-20240201-0002 https://security.netapp.com/advisory/ntap-20240201-0002/
RHSA-2024:0222 https://access.redhat.com/errata/RHSA-2024:0222
RHSA-2024:0223 https://access.redhat.com/errata/RHSA-2024:0223
RHSA-2024:0224 https://access.redhat.com/errata/RHSA-2024:0224
RHSA-2024:0225 https://access.redhat.com/errata/RHSA-2024:0225
RHSA-2024:0226 https://access.redhat.com/errata/RHSA-2024:0226
RHSA-2024:0228 https://access.redhat.com/errata/RHSA-2024:0228
RHSA-2024:0230 https://access.redhat.com/errata/RHSA-2024:0230
RHSA-2024:0231 https://access.redhat.com/errata/RHSA-2024:0231
RHSA-2024:0232 https://access.redhat.com/errata/RHSA-2024:0232
RHSA-2024:0233 https://access.redhat.com/errata/RHSA-2024:0233
RHSA-2024:0234 https://access.redhat.com/errata/RHSA-2024:0234
RHSA-2024:0235 https://access.redhat.com/errata/RHSA-2024:0235
RHSA-2024:0237 https://access.redhat.com/errata/RHSA-2024:0237
RHSA-2024:0239 https://access.redhat.com/errata/RHSA-2024:0239
RHSA-2024:0240 https://access.redhat.com/errata/RHSA-2024:0240
RHSA-2024:0241 https://access.redhat.com/errata/RHSA-2024:0241
RHSA-2024:0242 https://access.redhat.com/errata/RHSA-2024:0242
RHSA-2024:0244 https://access.redhat.com/errata/RHSA-2024:0244
RHSA-2024:0246 https://access.redhat.com/errata/RHSA-2024:0246
RHSA-2024:0247 https://access.redhat.com/errata/RHSA-2024:0247
RHSA-2024:0248 https://access.redhat.com/errata/RHSA-2024:0248
RHSA-2024:0249 https://access.redhat.com/errata/RHSA-2024:0249
RHSA-2024:0250 https://access.redhat.com/errata/RHSA-2024:0250
RHSA-2024:0265 https://access.redhat.com/errata/RHSA-2024:0265
RHSA-2024:0266 https://access.redhat.com/errata/RHSA-2024:0266
RHSA-2024:0267 https://access.redhat.com/errata/RHSA-2024:0267
RHSA-2024:1481 https://access.redhat.com/errata/RHSA-2024:1481
RHSA-2024:1482 https://access.redhat.com/errata/RHSA-2024:1482
USN-6660-1 https://usn.ubuntu.com/6660-1/
USN-6661-1 https://usn.ubuntu.com/6661-1/
USN-6662-1 https://usn.ubuntu.com/6662-1/
USN-6696-1 https://usn.ubuntu.com/6696-1/
USN-7096-1 https://usn.ubuntu.com/7096-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/ Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://security.netapp.com/advisory/ntap-20240201-0002/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/ Found at https://security.netapp.com/advisory/ntap-20240201-0002/
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://www.oracle.com/security-alerts/cpujan2024.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/ Found at https://www.oracle.com/security-alerts/cpujan2024.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.55421
EPSS Score 0.00319
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-10T18:10:57.270722+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 38.6.0