Lucene search

K

MitreCVELIST:CVE-2020-11740

HistoryApr 14, 2020 - 12:18 p.m.

CVE-2020-11740

2020-04-1412:18:35

mitre

www.cve.org

2

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

18.0%

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.

References

lists.opensuse.org/opensuse-security-announce/2020-05/msg00006.html

www.openwall.com/lists/oss-security/2020/04/14/1

xenbits.xen.org/xsa/advisory-313.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5M2XRNCHOGGTJQBZQJ7DCV6ZNAKN3LE2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NVTP4OYHCTRU3ONFJOFJQVNDFB25KLLG/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YMAW7D2MP6RE4BFI5BZWOBBWGY3VSOFN/

security.gentoo.org/glsa/202005-08

www.debian.org/security/2020/dsa-4723

xenbits.xen.org/xsa/advisory-313.html

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

18.0%

Related for CVELIST:CVE-2020-11740

debiancve1 prion1 osv3 veracode1 nvd1 cve1 ubuntucve1 redhatcve1 xen1 citrix1 nessus13 openvas12 fedora3 gentoo1 suse1 debian1 ubuntu1