CVE-2020-29571

{"id": "CVE-2020-29571", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2020-12-15T17:15:14.817", "references": [{"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/202107-30", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2020/dsa-4812", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-359.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202107-30", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2020/dsa-4812", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-359.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consumer side isn't protected against re-ordered reads, and may hence end up de-referencing a NULL pointer. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. Only Arm systems may be vulnerable. Whether a system is vulnerable depends on the specific CPU. x86 systems are not vulnerable."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Xen versiones hasta 4.14.x. Una comprobaci\u00f3n de l\u00edmites com\u00fan a la mayor\u00eda de las funciones de tiempo de operaci\u00f3n espec\u00edficas de los canales de eventos FIFO depende de que la CPU observe un estado consistente. Si bien el lado del productor usa escrituras ordenadas apropiadamente, el lado del consumidor no est\u00e1 protegido contra las lecturas reordenadas y, por lo tanto, puede terminar desreferenciando un puntero NULL. Los kernels invitados maliciosos o con errores pueden montar un ataque de Denegaci\u00f3n de Servicio (DoS) que afecte a todo el System. Solo los sistemas Arm pueden ser vulnerables. La vulnerabilidad de un System depende de la CPU espec\u00edfica. Los Sistemas x86 no son vulnerables"}], "lastModified": "2024-11-21T05:24:13.790", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:arm:*", "vulnerable": true, "matchCriteriaId": "8E784824-DC8F-4F3B-9412-F9FFC4CF8540", "versionEndIncluding": "4.14.0", "versionStartIncluding": "4.4.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}