{"id":"ASB-A-169505740","details":"In __speculation_ctrl_update of process.c, there is a possible way to disable Speculative Store Bypass Disable due to a logic error, which allows for side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-169505740","CVE-2020-10766"],"modified":"2026-05-12T15:53:12.741592Z","published":"2021-01-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-01-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/dbbe2ad02e9df26e372f38cc3e70dab9222c832e"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2021-01-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"target":{"function":"__speculation_ctrl_update","file":"arch/x86/kernel/process.c"},"digest":{"length":669,"function_hash":"250710125756048984842722933078406547396"},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/dbbe2ad02e9df26e372f38cc3e70dab9222c832e","signature_version":"v1","signature_type":"Function","id":"ASB-A-169505740-5369071a"},{"target":{"file":"arch/x86/kernel/process.c"},"digest":{"threshold":0.9,"line_hashes":["223598936207650923025435889555090071458","51941984143126213303642955956130225496","332010218412004142622122792097786390298","196807880300784702122698364023331092448","219204688460491980966169296265965354595","187556765688784133821185655933544331868","174182776923154971239561183807260016612","268988646742004861009343260164382758727","272004541045723271693685430100529553213","316936303680016290319045399938297543663","14053540321143755774389207234345173957","89672397712851798756268444260495039722","198143662356294845207255966043940845345","184513831414642033403474974711809925854"]},"deprecated":false,"source":"https://android.googlesource.com/kernel/common/+/dbbe2ad02e9df26e372f38cc3e70dab9222c832e","signature_version":"v1","signature_type":"Line","id":"ASB-A-169505740-63e165db"}],"types":["ID"],"fixes":["https://android.googlesource.com/kernel/common/+/dbbe2ad02e9df26e372f38cc3e70dab9222c832e"],"spl":"2021-01-05"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169505740.json"}}],"schema_version":"1.7.5"}