CVE-2020-13844

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 09-06-2020 01:15

Last modified: - 28-04-2022 09:30

Total changes: - 3

Description

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Low

Attack complexity

Local

Attack vector

None

Availability

High

Confidentiality

None

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

5.5

Base score

1.8

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=arm AND product=cortex-a32_firmware AND version=-

vendor=arm AND product=cortex-a32 AND version=-

AND

vendor=arm AND product=cortex-a35_firmware AND version=-

vendor=arm AND product=cortex-a35 AND version=-

AND

vendor=arm AND product=cortex-a53_firmware AND version=-

vendor=arm AND product=cortex-a53 AND version=-

AND

vendor=arm AND product=cortex-a57_firmware AND version=-

vendor=arm AND product=cortex-a57 AND version=-

AND

vendor=arm AND product=cortex-a72_firmware AND version=-

vendor=arm AND product=cortex-a72 AND version=-

AND

vendor=arm AND product=cortex-a73_firmware AND version=-

vendor=arm AND product=cortex-a73 AND version=-

AND

vendor=arm AND product=cortex-a34_firmware AND version=-

vendor=arm AND product=cortex-a34 AND version=-

vendor=opensuse AND product=leap AND version=15.1

vendor=opensuse AND product=leap AND version=15.2

Reference

Keywords

CVE-2020-13844

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2020-13844

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures