Main Vulnerability Database SB2020092337

SB2020092337 - Race condition in xen (Alpine package)

Published: September 23, 2020

Security Bulletin ID SB2020092337

CSH Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Race condition (CVE-ID: CVE-2020-25599)

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to a race condition caused by uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77). A remote user on the PV guest can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the host system.

Remediation

Install update from vendor's website.

References

https://git.alpinelinux.org/aports/commit/?id=f48590ae54ca9e0c3bf6b3fae3e6b065f14223e3