Untrusted Pointer Dereference in xen (Alpine package)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-15563 |
| CWE-ID | CWE-822 |
| Exploitation vector | Local network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
xen (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Untrusted Pointer Dereference
EUVDB-ID: #VU29601
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-15563
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to inverted code paths in x86 dirty VRAM tracking in Xen. An attacker with access to HVM guest operating system can crash the hypervisor.
Note: the vulnerability affects x86 systems only.
Install update from vendor's website.
Vulnerable software versionsxen (Alpine package): 4.8.2-r0 - 4.12.3-r1
External linkshttp://git.alpinelinux.org/aports/commit/?id=3992359a2b257143f6d354a15e0d3b338c5d8e45
http://git.alpinelinux.org/aports/commit/?id=4eb93417705cbc9cb434bae5e88502bf944f7652
http://git.alpinelinux.org/aports/commit/?id=054ec5f5456be1d95d13e7b5c5607e9c0ed5904d
http://git.alpinelinux.org/aports/commit/?id=a95c3541d2bc3ba65df7c81a62b776d2fd0ed4ce
http://git.alpinelinux.org/aports/commit/?id=fc28a340a4fd7b262e11f636ab2fafe24e2d05a2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
