CVE-2020-29571
Last modified
CVE-2020-29571 is a medium-severity vulnerability rated 6.2/10 on the CVSS scale. An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. EPSS estimates a 0.38% chance of exploitation in the next 30 days.
Description
An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | >= 4.4.0, <= 4.14.0 |
| Debian | Debian Linux | 10.0 |
| Fedoraproject | Fedora | 32 |
| Fedoraproject | Fedora | 33 |
References
- https://security.gentoo.org/glsa/202107-30Third Party Advisory
- https://www.debian.org/security/2020/dsa-4812Third Party Advisory
- https://xenbits.xenproject.org/xsa/advisory-359.htmlPatch, Vendor Advisory
- https://security.gentoo.org/glsa/202107-30Third Party Advisory
- https://www.debian.org/security/2020/dsa-4812Third Party Advisory
- https://xenbits.xenproject.org/xsa/advisory-359.htmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-29571?
How severe is CVE-2020-29571?
How do I fix CVE-2020-29571?
Are you affected by CVE-2020-29571?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST