{"api_version":"1","generated_at":"2026-04-23T02:12:43+00:00","cve":"CVE-2020-10768","urls":{"html":"https://cve.report/CVE-2020-10768","api":"https://cve.report/api/cve/CVE-2020-10768.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-10768","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-10768"},"summary":{"title":"CVE-2020-10768","description":"A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2020-09-16 00:15:00","updated_at":"2023-11-07 03:14:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf","refsource":"MISC","tags":["Patch","Vendor Advisory"],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768","refsource":"CONFIRM","tags":["Issue Tracking","Third Party Advisory"],"title":"1845868 – (CVE-2020-10768) CVE-2020-10768 kernel: Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-10768","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10768","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"10768","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"10768","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-10768","qid":"174729","title":"SUSE Enterprise Linux Security update for the Linux Kernel (SUSE-SU-2020:2106-1)"},{"cve":"CVE-2020-10768","qid":"352343","title":"Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2020-025"},{"cve":"CVE-2020-10768","qid":"353138","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-013"},{"cve":"CVE-2020-10768","qid":"610373","title":"Google Android Devices October 2021 Security Patch Missing"},{"cve":"CVE-2020-10768","qid":"750376","title":"OpenSUSE Security Update for RT kernel (openSUSE-SU-2021:0242-1)"},{"cve":"CVE-2020-10768","qid":"900076","title":"CBL-Mariner Linux Security Update for kernel 5.4.91"},{"cve":"CVE-2020-10768","qid":"903692","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (3483)"},{"cve":"CVE-2020-10768","qid":"905951","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (3483-1)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2020-10768","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Linux Kernel","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_value":"before 5.8-rc1"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-440"}]}]},"references":{"reference_data":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf","refsource":"MISC","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768","name":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10768","refsource":"CONFIRM"}]},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality."}]},"impact":{"cvss":[[{"vectorString":"5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.0"}]]}},"nvd":{"publishedDate":"2020-09-16 00:15:00","lastModifiedDate":"2023-11-07 03:14:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.8.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"10768","Ordinal":"171208","Title":"CVE-2020-10768","CVE":"CVE-2020-10768","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"10768","Ordinal":"1","NoteData":"A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"10768","Ordinal":"2","NoteData":"2020-09-15","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"10768","Ordinal":"3","NoteData":"2020-09-15","Type":"Other","Title":"Modified"}]}}}