6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
xen is vulnerable to denial of service. An attacker is able to crash the application due to insecure logic in the handling of event channel operations.
lists.opensuse.org/opensuse-security-announce/2020-10/msg00008.html
lists.fedoraproject.org/archives/list/[email protected]/message/4JRXMKEMQRQYWYEPHVBIWUEAVQ3LU4FN/
lists.fedoraproject.org/archives/list/[email protected]/message/DA633Y3G5KX7MKRN4PFEGM3IVTJMBEOM/
lists.fedoraproject.org/archives/list/[email protected]/message/RJZERRBJN6E6STDCHT4JHP4MI6TKBCJE/
security.gentoo.org/glsa/202011-06
www.debian.org/security/2020/dsa-4769
xenbits.xen.org/xsa/advisory-338.html
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C