Lucene search

K
xenXen ProjectXSA-332
HistoryOct 20, 2020 - 11:49 a.m.

Rogue guests can cause DoS of Dom0 via high frequency events

2020-10-2011:49:00
Xen Project
xenbits.xen.org
23

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

13.1%

ISSUE DESCRIPTION

The handling of Xen events in the Linux kernel runs with interrupts disabled in a loop until no further event is pending.
Whenever an event has been accepted by the kernel, another event can come in via the same event channel. This can result in the event handling loop running for an extended time if new events are coming in at a high rate. In extreme cases this can lead to a complete hang of the kernel, resulting in a DoS situation of the host when dom0 is affected.

IMPACT

Malicious guests can hang the host by sending events to dom0 at a high frequency.

VULNERABLE SYSTEMS

All systems with a Linux dom0 are affected.
All Linux kernel versions are affected.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

13.1%