cbcvebase.
CVE-2020-10768
published 2020-09-16

CVE-2020-10768: A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been…

PriorityP424medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.40%
31.5th percentile
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.

Affected

12 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 5.7.6-1 (bookworm)linux 5.7.6-1 (bookworm)
googleandroid
linuxlinux_kernel< 5.8.05.8.0
linuxlinux_kernel>= 0 < 5.7.6-15.7.6-1
linuxlinux_kernel>= 0 < 5.7.6-15.7.6-1
linuxlinux_kernel>= 0 < 5.7.6-15.7.6-1
linuxlinux_kernel>= 0 < 5.7.6-15.7.6-1
linuxlinux_kernel>= 0 < 4.4.0-186.2164.4.0-186.216
linuxlinux_kernel>= 0 < 4.15.0-115.1164.15.0-115.116
linuxlinux_kernel>= 0 < 5.4.0-45.495.4.0-45.49
linux_kernelkernel
msrccm1_kernel_5.4.91-3_on_cbl_mariner_1.0

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv7.8HIGH
vendor_ubuntu7.8HIGH
vendor_debian5.5MEDIUM
vendor_msrc5.5MEDIUM
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.