CVE-2020-29479

🗓️ 15 Dec 2020 17:06:50Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 73 Views

An issue discovered in Xen through 4.14.x allows unprivileged guests to modify permissions, list, and delete the root node in the Ocaml xenstored implementation, potentially leading to host-wide denial of service

Reporter	Title	Published	Views	Family All 31
BDU FSTEC	The vulnerability of Xen hypervisors, related to deficiencies in the authorization process, allows attackers to gain unauthorized access to protected information.	4 Oct 202200:00	–	bdu_fstec
Circl	CVE-2020-29479	15 Dec 202020:40	–	circl
CNNVD	Xen Permission License and Access Control Issues Vulnerability	15 Dec 202000:00	–	cnnvd
Citrix	Citrix Hypervisor Security Update	15 Dec 202013:18	–	citrix
Cvelist	CVE-2020-29479	15 Dec 202017:06	–	cvelist
Debian	[SECURITY] [DSA 4812-1] xen security update	15 Dec 202012:50	–	debian
Debian CVE	CVE-2020-29479	15 Dec 202017:06	–	debiancve
Tenable Nessus	Debian DSA-4812-1 : xen - security update	16 Dec 202000:00	–	nessus
Tenable Nessus	Fedora 33 : xen (2020-64859a826b)	28 Dec 202000:00	–	nessus
Tenable Nessus	Fedora 32 : xen (2020-df772b417b)	28 Dec 202000:00	–	nessus

NVD

Node

xen xenRange≤4.14.0

Node

debian debian_linuxMatch10.0

Node

fedoraproject fedoraMatch32

fedoraproject fedoraMatch33

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/
debian	www.debian.org/security/2020/dsa-4812
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/
xenbits	www.xenbits.xenproject.org/xsa/advisory-353.html
security	www.security.gentoo.org/glsa/202107-30

17 Jun 2026 03:11Current

8.4High risk

Vulners AI Score8.4

CVSS 27.2

CVSS 3.18.8

EPSS0.00304

CWE-862