Vulnerability · NVD

CVE-2020-10768

MEDIUM 5.5 Published on 2020-09-08

A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.

EPSS 0.03% exploit very unlikely percentile 10.2%

OS versions that fix this CVE

This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.

Android Fixed in October 2021 patch level

View on NVD ↗