4 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-29485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause...
Fedora 32 : xen (2020-df772b417b)
xenstore watch notifications lacking permission checks XSA-115, CVE-2020-29480 1908091 Xenstore: new domains inheriting existing node permissions XSA-322, CVE-2020-29481 1908095 Xenstore: wrong path length check XSA-323, CVE-2020-29482 1908096 Xenstore: guests can crash xenstored via watchs...
Fedora: Security Advisory for xen (FEDORA-2020-64859a826b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-29485
CVE-2020-29485 concerns Xen 4.6–4.14.x where, on XS_RESET_WATCHES, Xenstored’s tracking information is not fully freed in the Ocaml Xenstored implementation, allowing unbounded memory growth and a system-wide DoS. The vulnerability affects hosts using the Ocaml Xenstored; the C Xenstored implemen...