2019-11-28 00:15:00 2020-01-28 20:47:00

The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

Vector

LOCAL

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE