Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-11741

Опубликовано: 14 апр. 2020
Источник: nvd
CVSS3: 8.8
CVSS2: 6.9
EPSS Низкий

Описание

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
Версия до 4.13.0 (включая)
cpe:2.3:o:xen:xen:4.13.0:rc1:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.13.0:rc2:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 30%
0.00113
Низкий

8.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-909

Связанные уязвимости

ubuntu логотип

CVE-2020-11741

CVSS3: 8.8
ubuntu
почти 6 лет назад

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

redhat логотип

CVE-2020-11741

CVSS3: 8.1
redhat
почти 6 лет назад

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

debian логотип

CVE-2020-11741

CVSS3: 8.8
debian
почти 6 лет назад

An issue was discovered in xenoprof in Xen through 4.13.x, allowing gu ...

github логотип

GHSA-xqc2-qqq8-xfj5

CVSS3: 8.8
github
больше 3 лет назад

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

suse-cvrf логотип

openSUSE-SU-2020:0599-1

suse-cvrf
почти 6 лет назад

Security update for xen

EPSS

Процентиль: 30%
0.00113
Низкий

8.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-909