CVE-2019-18660

  • Published Date: Wed 27 Nov 2019
  • Last Modified Date: Thu 12 Dec 2019

The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

Impact

Severity: LOW
Exploitability Score: 3.9
Impact Score: 2.9
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
Availability (A): NONE

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD