CVE-2020-29570
Last modified
CVE-2020-29570 is a medium-severity vulnerability rated 6.2/10 on the CVSS scale. An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. EPSS estimates a 0.37% chance of exploitation in the next 30 days.
Description
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | >= 4.4.0, <= 4.14.0 |
| Debian | Debian Linux | 10.0 |
| Fedoraproject | Fedora | 32 |
| Fedoraproject | Fedora | 33 |
References
- http://www.openwall.com/lists/oss-security/2020/12/16/4Mailing List, Third Party Advisory
- https://security.gentoo.org/glsa/202107-30Third Party Advisory
- https://www.debian.org/security/2020/dsa-4812Third Party Advisory
- https://xenbits.xenproject.org/xsa/advisory-358.htmlPatch, Vendor Advisory
- http://www.openwall.com/lists/oss-security/2020/12/16/4Mailing List, Third Party Advisory
- https://security.gentoo.org/glsa/202107-30Third Party Advisory
- https://www.debian.org/security/2020/dsa-4812Third Party Advisory
- https://xenbits.xenproject.org/xsa/advisory-358.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-29570?
How severe is CVE-2020-29570?
How do I fix CVE-2020-29570?
Are you affected by CVE-2020-29570?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST