Lucene search

PRIOn knowledge basePRION:CVE-2020-29571

HistoryDec 15, 2020 - 5:15 p.m.

Null pointer dereference

2020-12-1517:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.0%

JSON

An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn’t protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable.

CPENameOperatorVersion
debian_linuxeq10.0
fedoraeq32
fedoraeq33
xenge4.4.0
xenle4.14.0

Name	Operator	Version
debian_linux	eq	10.0
fedora	eq	32
fedora	eq	33
xen	ge	4.4.0
xen	le	4.14.0

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/

security.gentoo.org/glsa/202107-30

www.debian.org/security/2020/dsa-4812

xenbits.xenproject.org/xsa/advisory-359.html