6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
13.3%
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS
users to cause a hypervisor crash. An inverted conditional in x86 HVM
guests’ dirty video RAM tracking code allows such guests to make Xen
de-reference a pointer guaranteed to point at unmapped space. A malicious
or buggy HVM guest may cause the hypervisor to crash, resulting in Denial
of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards
are affected. Xen versions 4.7 and earlier are not affected. Only x86
systems are affected. Arm systems are not affected. Only x86 HVM guests
using shadow paging can leverage the vulnerability. In addition, there
needs to be an entity actively monitoring a guest’s video frame buffer
(typically for display purposes) in order for such a guest to be able to
leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using
hardware assisted paging (HAP), cannot leverage the vulnerability.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
www.openwall.com/lists/oss-security/2020/07/07/3
xenbits.xen.org/xsa/advisory-319.html
launchpad.net/bugs/cve/CVE-2020-15563
nvd.nist.gov/vuln/detail/CVE-2020-15563
security-tracker.debian.org/tracker/CVE-2020-15563
ubuntu.com/security/notices/USN-5617-1
www.cve.org/CVERecord?id=CVE-2020-15563
xenbits.xen.org/xsa/advisory-319.html
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
13.3%