BDU:2021-03412

Уязвимость ядра операционной системы Linux, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным

Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

CVE-2020-4788

Published: 2020-11-20
Modified: 2024-11-21

CVE-2020-4788

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9
[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9
[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9
[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9
ibm-i-cve20204788-info-disc (189296)
ibm-i-cve20204788-info-disc (189296)
FEDORA-2020-8c15928d23
FEDORA-2020-8c15928d23
FEDORA-2020-4700a73bd5
FEDORA-2020-4700a73bd5
https://www.ibm.com/support/pages/node/6370729
https://www.ibm.com/support/pages/node/6370729
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpujul2022.html

Version: 2.1.0

Package kernel-image-std-debug update in sisyphus on 2020-11-22

ALT-PU-2020-3389-1

Closed vulnerabilities

BDU:2021-03412

CVE-2020-4788