Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2020-11741

Date: April 14, 2020

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

Language: C

Severity Score

Related Resources (15)

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NVTP4OYHCTRU3ONFJOFJQVNDFB25KLLG/
https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11741
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YMAW7D2MP6RE4BFI5BZWOBBWGY3VSOFN/
https://security-tracker.debian.org/tracker/CVE-2020-11741
https://security.alpinelinux.org/vuln/CVE-2020-11741
https://xenbits.xen.org/xsa/advisory-313.html
https://nvd.nist.gov/vuln/detail/CVE-2020-11741
https://security.gentoo.org/glsa/202005-08
https://www.debian.org/security/2020/dsa-4723
https://access.redhat.com/security/cve/CVE-2020-11741
http://www.openwall.com/lists/oss-security/2020/04/14/1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5M2XRNCHOGGTJQBZQJ7DCV6ZNAKN3LE2/
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00006.html
http://xenbits.xen.org/xsa/advisory-313.html
https://www.mend.io/vulnerability-database/CVE-2020-11741

Severity Score

Weakness Type (CWE)

Missing Authorization

CWE-862

Missing Initialization of Resource

CWE-909

CVSS v3

Base Score:
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us