Xen INVLPG-like flushes may leave stale TLB entries privilege escalation (XSA-286)

A privilege escalation vulnerability exists in Xen x86 PV guest kernels due to mishandles invalidation of TLB entries An unauthenticated, local attacker x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during...

openSUSE Security Update : xen (openSUSE-2020-1844)

This update for xen fixes the following issues : - bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 - bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 - bsc1177413 - VUL-0: CVE-2020-27671: xen: undue...

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

CVE-2020-27674

CVE-2020-27674 is a Xen hypervisor local privilege escalation affecting Xen 4.14.x and earlier where x86 PV guests can gain guest OS privileges by modifying kernel memory contents due to mishandled invalidation of TLB entries in an INVLPG-like attack. The issue enables a local attacker to escalat...

x86 PV guest INVLPG-like flushes may leave stale TLB entries

ISSUE DESCRIPTION x86 PV guest kernels may use hypercalls with INVLPG-like behavior to invalidate TLB entries even after changes to non-leaf page tables. Such changes to non-leaf page tables will, however, also render stale possible TLB entries created by Xen's internal use of linear page tables ...