Vulnerability identifier: #VU22541
Vulnerability risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Xen
Server applications /
Virtualization software
Vendor: Xen Project
Description
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the VCPUOP_initialise hypercall in Xen. A remote user on a guest operating system can run a specially crafted program and perform a denial of service attack against the host operating system.
Mitigation
xsa296.patch Xen 4.9 ... unstable xsa296-4.8.patch Xen 4.7 ... 4.8 $ sha256sum xsa296* 71bd433f788dd511fad90165bc5ba9bcabe949eecd912f2a616e3c996960d67d xsa296.meta ccfd81b162b8535d952f56b1f87dfdd960e71bf07c1cf8388976e78e2e86cde5 xsa296.patch b283be3df6789402553172b7fd582bfffb4fa72a6b33543439bd2fb1b87bfbd4 xsa296-4.8.patch $
Vulnerable software versions
Xen: 4.6.0 - 4.9.4
External links
http://www.openwall.com/lists/oss-security/2019/10/31/1
http://xenbits.xen.org/xsa/advisory-296.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.