Lucene search

PRIOn knowledge basePRION:CVE-2020-27674

HistoryOct 22, 2020 - 9:15 p.m.

Design/Logic Flaw

2020-10-2221:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.6%

JSON

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

CPENameOperatorVersion
debian_linuxeq10.0
fedoraeq31
fedoraeq32
fedoraeq33
xenle4.14.0

Name	Operator	Version
debian_linux	eq	10.0
fedora	eq	31
fedora	eq	32
fedora	eq	33
xen	le	4.14.0

References

www.openwall.com/lists/oss-security/2021/01/19/5

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/

security.gentoo.org/glsa/202011-06

www.debian.org/security/2020/dsa-4804

xenbits.xen.org/xsa/advisory-286.html