CVE-2020-10766

CWE-44016 documents10 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 76.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Linux Kernel Kernel

Timeline

PublishedSep 15

Latest updateMay 24

Description

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶Android:linux_kernel::0 — :2021-01-05

▶NVDlinux/linux_kernel< 5.8.0

▶CVEListV5linux_kernel/kernelbefore 5.8-rc1

▶Debianlinux< 5.7.6-1+3

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-c87p-h49c-qjmw: A logic bug flaw was found in Linux kernel before 5↗2022-05-24

▶

OSV

CVE-2020-10766: In __speculation_ctrl_update of process↗2021-01-01

▶

OSV

CVE-2020-10766: A logic bug flaw was found in Linux kernel before 5↗2020-09-15

▶

CVEList

CVE-2020-10766: A logic bug flaw was found in Linux kernel before 5↗2020-09-15

▶

📋Vendor Advisories

Android

CVE-2020-10766: Speculative execution↗2021-01-01

▶

Microsoft

▶

Ubuntu

Linux kernel vulnerabilities↗2020-09-03

▶

Ubuntu

Linux kernel vulnerabilities↗2020-09-03

▶

Ubuntu

linux kernel vulnerabilities↗2020-07-31

▶

💬Community

Bugzilla

CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection. [fedora-all]↗2020-06-16

▶

Bugzilla

CVE-2020-10766 kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.↗2020-06-10

▶