Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-10766
HistoryJun 10, 2020 - 12:00 a.m.

CVE-2020-10766

2020-06-1000:00:00
ubuntu.com
ubuntu.com
21

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the
implementation of SSBD. A bug in the logic handling allows an attacker with
a local account to disable SSBD protection during a context switch when
additional speculative execution mitigations are in place. This issue was
introduced when the per task/process conditional STIPB switching was added
on top of the existing SSBD switching. The highest threat from this
vulnerability is to confidentiality.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-115.116UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-45.49UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-186.216UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1080.84UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1022.22UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1075.79) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1111.123UNKNOWN
ubuntu18.04noarchlinux-aws-5.3< 5.3.0-1032.34~18.04.2UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1022.22~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1080.84~16.04.1UNKNOWN
Rows per page:
1-10 of 471

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%