Versio.io

CVE-2020-15564

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 07-07-2020 03:15
Last modified: - 03-05-2022 03:57
Total changes: - 3

Description

An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. The hypercall VCPUOP_register_vcpu_info is used by a guest to register a shared region with the hypervisor. The region will be mapped into Xen address space so it can be directly accessed. On Arm, the region is accessed with instructions that require a specific alignment. Unfortunately, there is no check that the address provided by the guest will be correctly aligned. As a result, a malicious guest could cause a hypervisor crash by passing a misaligned address. A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). All Xen versions are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
None
Confidentiality
None
Integrity
Low
Privileges required
Changed
Scope
None
User interaction
6.5
Base score
2.0
4.0
Exploitability score
Impact score
 

Verification logic

OR
OR
vendor=xen AND product=xen AND target_hardware=arm AND versionEndIncluding=4.13.1 AND versionStartIncluding=4.8.0
OR
vendor=Debian AND product=debian_linux AND version=10.0
OR
vendor=fedoraproject AND product=fedora AND version=31
vendor=fedoraproject AND product=fedora AND version=32
 

Reference

 


Keywords

NVD

 

CVE-2020-15564

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.