CVE-2020-11743 — Improper Handling of Exceptional Conditions in XEN

CWE-755 — Improper Handling of Exceptional Conditions CWE-393 — Return of Wrong Status Code9 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 73.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN Fedoraproject Fedora

Timeline

PublishedApr 14

Latest updateSep 19

Description

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some misplaced brackets cause one error path to return 1 instead of a negative value. The grant table code in Linux treats this condition as success, and proceeds with incorrectly initialised state. A buggy or malicious guest can construct its grant tabl…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/xen< xen 4.11.4-1 (bookworm)

▶Debianxen/xen< 4.11.4-1+3

▶Ubuntuxen/xen< 4.11.3+24-g14b62ab3e5-1ubuntu2.3

▶NVDxen/xen4.13.0+1

Also affects: Fedora 32

Patches

Patch: www.openwall.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

OSV

xen vulnerabilities↗2022-09-19

▶

GHSA

GHSA-ff8p-26v5-2cw5: An issue was discovered in Xen through 4↗2022-05-24

▶

OSV

CVE-2020-11743: An issue was discovered in Xen through 4↗2020-04-14

▶

📋Vendor Advisories

Ubuntu

Xen vulnerabilities↗2022-09-19

▶

Red Hat

xen: bad error path in GNTTABOP_map_grant (XSA-316)↗2020-04-14

▶

Debian

CVE-2020-11743: xen - An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause ...↗2020

▶

💬Community

Bugzilla

CVE-2020-11743 xen: bad error path in GNTTABOP_map_grant (XSA-316) [fedora-all]↗2020-04-14

▶

Bugzilla

CVE-2020-11743 xen: bad error path in GNTTABOP_map_grant (XSA-316)↗2020-04-14

▶