Lucene search
Veracode Vulnerability DatabaseVERACODE:29094HistoryJan 21, 2021 - 4:35 p.m.
Privilege Escalation
2021-01-2116:35:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
EPSS
0
Percentile
14.2%
xen is vulnerable to privilege escalation. The vulnerability exists through a data leak caused by an AMD IOMMU page-table entry that can be half-updated.
References
lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html
lists.opensuse.org/opensuse-security-announce/2020-11/msg00025.html
www.openwall.com/lists/oss-security/2021/01/19/9
xenbits.xen.org/xsa/advisory-347.html
lists.fedoraproject.org/archives/list/[email protected]/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/
secdb.alpinelinux.org/v3.10/main.yaml
secdb.alpinelinux.org/v3.11/main.yaml
secdb.alpinelinux.org/v3.12/main.yaml
security.gentoo.org/glsa/202011-06
www.debian.org/security/2020/dsa-4804
xenbits.xen.org/xsa/advisory-347.html
Related
cve
cve
CVE-2020-27670
2020-10-22 21:15:13
xen
xen
unsafe AMD IOMMU page table updates
2020-10-20 11:49:00
cvelist
cvelist
CVE-2020-27670
2020-10-22 20:34:22
prion
prion
Design/Logic Flaw
2020-10-22 21:15:00
debiancve
debiancve
CVE-2020-27670
2020-10-22 21:15:13
osv
osv
CVE-2020-27670
2020-10-22 21:15:13
xen - security update
2020-12-04 00:00:00
nvd
nvd
CVE-2020-27670
2020-10-22 21:15:13
redhatcve
redhatcve
CVE-2020-27670
2020-10-23 19:05:02
ubuntucve
ubuntucve
CVE-2020-27670
2020-10-22 00:00:00
nessus
nessus
Xen unsafe AMD IOMMU page table updates (XSA-347)
2021-05-06 00:00:00
openSUSE Security Update : xen (openSUSE-2020-1844)
2020-11-06 00:00:00
openSUSE Security Update : xen (openSUSE-2020-1783)
2020-11-02 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: xen-4.12.3-8.fc31
2020-11-20 01:29:24
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3050-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3088-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3051-1)
2021-06-09 00:00:00
suse
suse
Security update for xen (important)
2020-10-31 00:00:00
Security update for xen (important)
2020-11-06 00:00:00
Security update for xen (important)
2020-12-05 00:00:00
debian
debian
[SECURITY] [DSA 4804-1] xen security update
2020-12-04 18:15:26
citrix
citrix
Citrix Hypervisor Security Update
2020-10-27 04:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2020-11-11 00:00:00