CVE-2020-25596 — Injection in XEN

CWE-74 — Injection CWE-440 — Expected Behavior Violation9 documents8 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 75.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedSep 23

Latest updateSep 19

Description

An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege #GP fault (typically fatal) rather than a user-privilege #GP fault (usually converted into SIGSEGV/etc.). Malicious or buggy userspace can cra…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶Debianxen/xen< 4.14.0+80-gd101b417b7-1+3

▶NVDxen/xen3.2.0 — 4.14.0

▶NVDopensuse/leap15.2

Also affects: Debian Linux 10.0, Fedora 31, 32, 33

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-wv5g-6p8m-2pxx: An issue was discovered in Xen through 4↗2022-05-24

▶

OSV

CVE-2020-25596: An issue was discovered in Xen through 4↗2020-09-23

▶

CVEList

CVE-2020-25596: An issue was discovered in Xen through 4↗2020-09-23

▶

📋Vendor Advisories

Ubuntu

Xen vulnerabilities↗2022-09-19

▶

Red Hat

xen: x86 pv guest kernel DoS via SYSENTER (XSA-339)↗2020-09-22

▶

Debian

CVE-2020-25596: xen - An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experien...↗2020

▶

💬Community

Bugzilla

CVE-2020-25596 xen: x86 pv guest kernel DoS via SYSENTER (XSA-339) [fedora-all]↗2020-09-22

▶

Bugzilla

CVE-2020-25596 xen: x86 pv guest kernel DoS via SYSENTER (XSA-339)↗2020-09-17

▶