Severity

Medium

Analysis Summary

Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by an issue when Indirect branch speculation can be enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. An attacker could exploit this vulnerability to perform a spectre v2 style attack.

Impact

Security Bypass

Affected Vendors

Linux

Affected Products

Linux Kernel

Remediation

Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.