Alpaquita Linux
Security Advisory

CVE-2020-10767

Published: September 15, 2020Last modified: November 8, 2023

Description

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.

Severity score breakdown

ParameterValue
Base score5.5
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactNONE
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSlinux-ltsNot affected (6.1.50-r0)
Streamlinux-ltsNot affected (6.1.50-r0)

References

ON THIS PAGE