CVE-2020-13844
Summary
| CVE | CVE-2020-13844 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2020-06-08 23:15:00 UTC |
|---|
| Updated | 2022-04-28 19:30:00 UTC |
|---|
| Description | Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [llvm-dev] Mitigating straight-line speculation vulnerability CVE-2020-13844 |
CONFIRM |
lists.llvm.org |
Mailing List, Third Party Advisory |
| Straight Line Speculation (SLS) mitigation. |
CONFIRM |
gcc.gnu.org |
Patch, Third Party Advisory |
| [security-announce] openSUSE-SU-2020:1692-1: moderate: Security update f |
SUSE |
lists.opensuse.org |
|
| developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabil... |
MISC |
developer.arm.com |
Vendor Advisory |
| Speculative Processor Vulnerability | Frequently asked questions – Arm Developer |
CONFIRM |
developer.arm.com |
Vendor Advisory |
| Speculative Processor Vulnerability – Arm Developer |
CONFIRM |
developer.arm.com |
Vendor Advisory |
| [security-announce] openSUSE-SU-2020:1693-1: moderate: Security update f |
SUSE |
lists.opensuse.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 610406 Google Pixel Android April 2022 Security Patch Missing
- 750477 OpenSUSE Security Update for gcc7 (openSUSE-SU-2020:2300-1)
- 750478 OpenSUSE Security Update for gcc7 (openSUSE-SU-2020:2301-1)
- 755898 SUSE Enterprise Linux Security Update for gcc7 (SUSE-SU-2023:3662-1)
