Lucene search

PRIOn knowledge basePRION:CVE-2020-27674

HistoryOct 22, 2020 - 9:15 p.m.

Design/Logic Flaw

2020-10-2221:15:00

PRIOn knowledge base

www.prio-n.com

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

17.6%

JSON

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

References

www.openwall.com/lists/oss-security/2021/01/19/5

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/

security.gentoo.org/glsa/202011-06

www.debian.org/security/2020/dsa-4804

xenbits.xen.org/xsa/advisory-286.html