ASB-A-169505740 — Vulnetix

ASB-A-169505740 PUBLISHED CVSS 6.900000095367432 MEDIUM

In __speculation_ctrl_update of process.c, there is a possible way to disable Speculative Store Bypass Disable due to a logic error, which allows for side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 4.0

6.900000095367432

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Android	:linux_kernel:	:0, Kernel, :0

Timeline

Jan 1, 2021 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2021-01-01 advisory
https://android.googlesource.com/kernel/common/+/dbbe2ad02e9df26e372f38cc3e70dab9222c832e patch

Open in Interactive Console →