CVE-2020-10767 - A flaw was found in the Linux kernel before 5.8-rc1 in the implementation - CVEs Blog

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10767

Reference (s):

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10767
URL: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10767
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=21998a351512eba4ed5969006f0c55882d995ada
URL: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=21998a351512eba4ed5969006f0c55882d995ada

CVE-2020-10767 – A flaw was found in the Linux kernel before 5.8-rc1 in the implementation

Something Fresh

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-27216 - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 1

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

What People Reading

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-26212 - GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

CVE-2015-0320 - Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and

CVE-2015-0353 - Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.

Categories

Partners

Just add here your partners image or promo text