CVE-2020-29479

🗓️ 15 Dec 2020 17:06:50Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 65 Views

An issue discovered in Xen through 4.14.x allows unprivileged guests to modify permissions, list, and delete the root node in the Ocaml xenstored implementation, potentially leading to host-wide denial of service

Reporter	Title	Published	Views	Family All 30
Circl	CVE-2020-29479	15 Dec 202020:40	–	circl
CNNVD	Xen Permission License and Access Control Issues Vulnerability	15 Dec 202000:00	–	cnnvd
Citrix	Citrix Hypervisor Security Update	15 Dec 202013:18	–	citrix
Cvelist	CVE-2020-29479	15 Dec 202017:06	–	cvelist
Debian	[SECURITY] [DSA 4812-1] xen security update	15 Dec 202012:50	–	debian
Debian CVE	CVE-2020-29479	15 Dec 202017:06	–	debiancve
Tenable Nessus	Debian DSA-4812-1 : xen - security update	16 Dec 202000:00	–	nessus
Tenable Nessus	Fedora 33 : xen (2020-64859a826b)	28 Dec 202000:00	–	nessus
Tenable Nessus	Fedora 32 : xen (2020-df772b417b)	28 Dec 202000:00	–	nessus
Tenable Nessus	GLSA-202107-30 : Xen: Multiple vulnerabilities	24 Jan 202200:00	–	nessus

NVD

Node

xen xenRange≤4.14.0

Node

debian debian_linuxMatch10.0

Node

fedoraproject fedoraMatch32

fedoraproject fedoraMatch33

Source	Link
debian	www.debian.org/security/2020/dsa-4812
xenbits	www.xenbits.xenproject.org/xsa/advisory-353.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/
security	www.security.gentoo.org/glsa/202107-30

21 Nov 2024 05:24Current

8.4High risk

Vulners AI Score8.4

CVSS 27.2

CVSS 3.18.8

EPSS0.00046

CWE-862