Wind River Support Network

HomeDefectsLIN9-10362
Fixed

LIN9-10362 : Security Advisory - linux - CVE-2020-10767

Created: Sep 16, 2020    Updated: Nov 1, 2020
Resolved Date: Oct 26, 2020
Found In Version: 9.0.0.1
Fix Version: 9.0.0.26
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Kernel

Description

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.

CREATE(Triage):(User=admin) [CVE-2020-10767|https://nvd.nist.gov/vuln/detail/CVE-2020-10767]

CVEs


Live chat
Online