Buffer overflow in Xen



Published: 2020-12-15 | Updated: 2021-04-30
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2020-29568
CWE-ID CWE-119
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Xen
Server applications / Virtualization software

Vendor Xen Project

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Buffer overflow

EUVDB-ID: #VU52772

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-29568

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a local authenticated user to a crash the entire system.

An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Xen: 4.0.0 - 4.15.0


CPE2.3 External links

http://lists.debian.org/debian-lts-announce/2021/02/msg00018.html
http://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
http://www.debian.org/security/2021/dsa-4843
http://xenbits.xenproject.org/xsa/advisory-349.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###