CVE-2020-27671Improper Privilege Management in XEN

CWE-269Improper Privilege ManagementCWE-672Operation on a Resource after Expiration or ReleaseCWE-193Off-by-one Error9 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
XENDebian LinuxFedoraproject Fedora+1 more
Timeline
PublishedOct 22
Latest updateMay 24

Description

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages3 packages

Debianxen/xen< 4.14.0+80-gd101b417b7-1+3
NVDxen/xen4.2.04.14.0
NVDopensuse/leap15.1, 15.2+1

Also affects: Debian Linux 10.0, Fedora 31

Patches

Patch: xenbits.xen.orgPatch: xenbits.xen.orgPatch: xenbits.xen.org

🔴Vulnerability Details

3
GHSA
GHSA-mpp4-4x92-f6p7: An issue was discovered in Xen through 42022-05-24
CVEList
CVE-2020-27671: An issue was discovered in Xen through 42020-10-22
OSV
CVE-2020-27671: An issue was discovered in Xen through 42020-10-22

📋Vendor Advisories

3
Red Hat
xen: stack corruption from XSA-346 change (XSA-355)2020-11-24
Red Hat
xen: undue deferral of IOMMU TLB flushes (XSA-346)2020-10-20
Debian
CVE-2020-27671: xen - An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS ...2020

💬Community

2
Bugzilla
CVE-2020-27671 xen: undue deferral of IOMMU TLB flushes (XSA-346)2020-10-23
Bugzilla
CVE-2020-27671 xen: undue deferral of IOMMU TLB flushes (XSA-346) [fedora-all]2020-10-23
CVE-2020-27671 — Improper Privilege Management in XEN | cvebase