CVE-2020-25602

2020-09-22T18:39:59
ID RH:CVE-2020-25602
Type redhatcve
Reporter redhat.com
Modified 2020-10-06T11:51:43

Description

A flaw was found in Xen, specifically when a guest accesses certain Model Specific Registers where Xen first reads the value from hardware to use as the basis for auditing the guest access. For the MISC_ENABLE MSR, an Intel specific MSR, this MSR read is performed without error handling for a #GP fault, which is the consequence of trying to read this MSR on non-Intel hardware. This flaw allows an unprivileged guest to crash Xen, leading to a denial of service (DoS) for the entire system. The highest threat from this vulnerability is to system availability.

Mitigation

Running only HVM/PVH guests avoids the vulnerability.