Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2020-6DD36A716C.NASLHistoryNov 20, 2020 - 12:00 a.m.
Fedora 31 : xen (2020-6dd36a716c)
2020-11-2000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
17.6%
revised patch for XSA-286 (mitigating performance impact)
x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286, CVE-2020-27674] (#1891092)
x86: Race condition in Xen mapping code [XSA-345] undue deferral of IOMMU TLB flushes [XSA-346] unsafe AMD IOMMU page table updates [XSA-347]
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2020-6dd36a716c.
#
include('compat.inc');
if (description)
{
script_id(143135);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/08");
script_cve_id(
"CVE-2020-27670",
"CVE-2020-27671",
"CVE-2020-27672",
"CVE-2020-27674"
);
script_xref(name:"FEDORA", value:"2020-6dd36a716c");
script_name(english:"Fedora 31 : xen (2020-6dd36a716c)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing a security update.");
script_set_attribute(attribute:"description", value:
"revised patch for XSA-286 (mitigating performance impact)
----
x86 PV guest INVLPG-like flushes may leave stale TLB entries [XSA-286,
CVE-2020-27674] (#1891092)
----
x86: Race condition in Xen mapping code [XSA-345] undue deferral of
IOMMU TLB flushes [XSA-346] unsafe AMD IOMMU page table updates
[XSA-347]
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-6dd36a716c");
script_set_attribute(attribute:"solution", value:
"Update the affected xen package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-27672");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-27671");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/22");
script_set_attribute(attribute:"patch_publication_date", value:"2020/11/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:xen");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^31([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC31", reference:"xen-4.12.3-8.fc31")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | xen | p-cpe:/a:fedoraproject:fedora:xen |
| fedoraproject | fedora | 31 | cpe:/o:fedoraproject:fedora:31 |
Related
fedora
fedora
[SECURITY] Fedora 31 Update: xen-4.12.3-8.fc31
2020-11-20 01:29:24
[SECURITY] Fedora 32 Update: xen-4.13.2-1.fc32
2020-11-12 03:16:18
[SECURITY] Fedora 33 Update: xen-4.14.0-9.fc33
2020-11-12 03:08:44
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2020-6dd36a716c)
2020-11-22 00:00:00
Debian: Security Advisory (DSA-4804-1)
2020-12-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3742-1)
2021-04-19 00:00:00
suse
suse
Security update for xen (important)
2020-12-05 00:00:00
Security update for xen (important)
2020-12-07 00:00:00
Security update for xen (important)
2020-10-31 00:00:00
nessus
nessus
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3742-1)
2020-12-11 00:00:00
Debian DSA-4804-1 : xen - security update
2020-12-07 00:00:00
SUSE SLES12 Security Update : xen (SUSE-SU-2020:3631-1)
2020-12-09 00:00:00
osv
osv
xen - security update
2020-12-04 00:00:00
CVE-2020-27674
2020-10-22 21:15:14
CVE-2020-27670
2020-10-22 21:15:13
debian
debian
[SECURITY] [DSA 4804-1] xen security update
2020-12-04 18:15:26
citrix
citrix
Citrix Hypervisor Security Update
2020-10-27 04:00:00
xen
xen
x86 PV guest INVLPG-like flushes may leave stale TLB entries
2020-10-20 11:49:00
unsafe AMD IOMMU page table updates
2020-10-20 11:49:00
undue deferral of IOMMU TLB flushes
2020-10-20 11:49:00
cvelist
cvelist
cve
cve
veracode
veracode
Privilege Escalation
2021-01-21 16:35:11
Privilege Escalation
2021-01-21 16:35:10
CVE-2020-27674
2021-01-21 16:35:09
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2020-10-22 21:15:00
Design/Logic Flaw
2020-10-22 21:15:00
Design/Logic Flaw
2020-10-22 21:15:00
ubuntucve
ubuntucve
debiancve
debiancve
nvd
nvd
gentoo
gentoo
Xen: Multiple vulnerabilities
2020-11-11 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
17.6%
Related for FEDORA_2020-6DD36A716C.NASL