Lucene search
MitreCVELIST:CVE-2020-29571HistoryDec 15, 2020 - 5:02 p.m.
CVE-2020-29571
2020-12-1517:02:42
mitre
raw.githubusercontent.com
1
An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn’t protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable.
Related
nessus
nessus
Xen Project DoS Vulnerability (XSA-359)
2020-12-18 00:00:00
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3915-1)
2020-12-23 00:00:00
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3881-1)
2020-12-21 00:00:00
cve
cve
CVE-2020-29571
2020-12-15 17:15:00
osv
osv
CVE-2020-29571
2020-12-15 17:15:14
xen - security update
2020-12-15 00:00:00
debiancve
debiancve
CVE-2020-29571
2020-12-15 17:15:00
xen
xen
FIFO event channels control structure ordering
2020-12-15 12:00:00
veracode
veracode
Denial Of Service (DoS)
2020-12-31 16:52:55
prion
prion
Null pointer dereference
2020-12-15 17:15:00
ubuntucve
ubuntucve
CVE-2020-29571
2020-12-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3915-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3881-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3914-1)
2021-04-19 00:00:00
suse
suse
Security update for xen (moderate)
2020-12-22 00:00:00
Security update for xen (moderate)
2020-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: xen-4.13.2-5.fc32
2020-12-25 01:27:27
[SECURITY] Fedora 33 Update: xen-4.14.0-14.fc33
2020-12-25 01:24:46
debian
debian
[SECURITY] [DSA 4812-1] xen security update
2020-12-15 12:50:59
gentoo
gentoo
Xen: Multiple vulnerabilities
2021-07-12 00:00:00