CVE-2020-11742 — Return of Wrong Status Code in XEN

CWE-393 — Return of Wrong Status Code9 documents7 sources

Severity

5.5MEDIUMNVD

OSV8.8

EPSS

0.1%

top 74.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN Fedoraproject Fedora

Timeline

PublishedApr 14

Latest updateSep 19

Description

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors. The fix for CVE-2017-12135 introduced a path through grant copy handling where success may be returned to the caller without any action taken. In particular, the status fields of individual operations are left uninitialised, and may result in errant …

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/xen< xen 4.11.4-1 (bookworm)

▶Debianxen/xen< 4.11.4-1+3

▶Ubuntuxen/xen< 4.11.3+24-g14b62ab3e5-1ubuntu2.3

▶NVDxen/xen4.13.0+1

Also affects: Fedora 32

Patches

Patch: www.openwall.com ↗Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

OSV

xen vulnerabilities↗2022-09-19

▶

GHSA

GHSA-q23v-6m98-94w9: An issue was discovered in Xen through 4↗2022-05-24

▶

OSV

CVE-2020-11742: An issue was discovered in Xen through 4↗2020-04-14

▶

📋Vendor Advisories

Ubuntu

Xen vulnerabilities↗2022-09-19

▶

Red Hat

xen: bad continuation handling in GNTTABOP_copy (XSA-318)↗2020-04-14

▶

Debian

CVE-2020-11742: xen - An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause ...↗2020

▶

💬Community

Bugzilla

CVE-2020-11742 xen: bad continuation handling in GNTTABOP_copy (XSA-318)↗2020-04-14

▶

Bugzilla

CVE-2020-11742 xen: bad continuation handling in GNTTABOP_copy (XSA-318) [fedora-all]↗2020-04-14

▶