Denial Of Service (DoS)

2021-09-0906:17:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

14.2%

JSON

xen:edge is vulnerable to denial of service. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing guests to retain access to pages that were freed and perhaps re-used for other purposes. Unfortunately, when XSA-379 was being prepared, this similar issue was not noticed.

CPENameOperatorVersion
xen:edgeeq4.13.0-r3
xen:edgeeq4.14.1-r4
xen:edgeeq4.14.1-r3
xen:edgeeq4.15.0-r1
xen:edgeeq4.15.0-r0
xen:edgeeq4.13.0-r4
xen:edgeeq4.14.1-r5
xen:edgeeq4.13.0-r2
xen:3.13eq4.14.1-r2
xen:3.13eq4.14.1-r3

Name	Operator	Version
xen:edge	eq	4.13.0-r3
xen:edge	eq	4.14.1-r4
xen:edge	eq	4.14.1-r3
xen:edge	eq	4.15.0-r1
xen:edge	eq	4.15.0-r0
xen:edge	eq	4.13.0-r4
xen:edge	eq	4.14.1-r5
xen:edge	eq	4.13.0-r2
xen:3.13	eq	4.14.1-r2
xen:3.13	eq	4.14.1-r3