CVE-2020-29484NULL Pointer Dereference in XEN

CWE-476NULL Pointer Dereference4 documents4 sources
Severity
6.0MEDIUMNVD
EPSS
0.1%
top 80.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
XENDebian XENDebian Linux+1 more
Timeline
PublishedDec 15
Latest updateMay 24

Description

An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering the watch. Any communication with xenstored is done via Xenstore messages, consisting of a message header and the payload. The payload length is limited to 4096 bytes. Any request to xenstored resulting in a response with

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages3 packages

debiandebian/xen< xen 4.14.0+88-g1d1d1f5391-1 (bookworm)
Debianxen/xen< 4.14.0+88-g1d1d1f5391-1+3
NVDxen/xen4.14.0

Also affects: Debian Linux 10.0, Fedora 32, 33

Patches

Patch: xenbits.xenproject.orgPatch: xenbits.xenproject.org

🔴Vulnerability Details

2
GHSA
GHSA-58pp-88x2-wf7f: An issue was discovered in Xen through 42022-05-24
OSV
CVE-2020-29484: An issue was discovered in Xen through 42020-12-15

📋Vendor Advisories

1
Debian
CVE-2020-29484: xen - An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the ...2020