Use of uninitialized resource in Xen

#VU46972 Use of uninitialized resource in Xen

Published: 2020-09-23

Vulnerability identifier: #VU46972

Vulnerability risk: Medium

CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-25595

CWE-ID: CWE-908

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Xen
Server applications / Virtualization software

Vendor: Xen Project

Description

The vulnerability allows a remote user to escalate privileges on the host operating system.

The vulnerability exists due to PCI passthrough code reading back untrusted values fromhardware registers in Xen. A remote user on a guest operating system can run a specially crafted program to obtain potentially sensitive information from memory and crash Xen or escalate privileges on the hypervisor.

The vulnerability affects x86 systems with PCI passthrough support.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Xen: 4.10.0 - 4.14.0

External links
http://xenbits.xen.org/xsa/advisory-337.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for xen

Debian update for xen

OpenSUSE Linux update for xen

Use of uninitialized resource in xen (Alpine package)

Multiple vulnerabilities in Xen