CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-28368 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-28368
10 Nov 2020 — Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen. Xen versiones hasta 4.14.x, permite a administradores de Sistemas Operativos invitados obtener información confidencial (tales como claves AES desde fuera del invitado) por medio de un ... • http://www.openwall.com/lists/oss-security/2020/11/26/1 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27670 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-27670
22 Oct 2020 — An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. Se detectó un problema en Xen versiones hasta 4.14.x, permitiendo a usuarios del Sistema Operativo invitado x86 causar una denegación de servicio (corrupción de datos), causar una filtración de datos o posiblemente alcanzar privilegios porque una entrada de la tabla de páginas IOMMU ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27671 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-27671
22 Oct 2020 — An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. Se detectó un problema en Xen versiones hasta 4.14.x, permitiendo a usuarios de SO invitado HVM y PVH de x86 causar una denegación de servicio (corrupción de datos), causar una filtración de datos o posiblemente alcanzar privilegios porque la combinación de descargas... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27672 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-27672
22 Oct 2020 — An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. Se detectó un problema en Xen versiones hasta 4.14.x, permitiendo a usuarios del SO invitado x86 causar una denegación de servicio del SO host, lograr una corrupción de datos o posiblemente alcanzar privilegios mediante la explotación de una condici... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-27673 – Ubuntu Security Notice USN-4751-1
https://notcve.org/view.php?id=CVE-2020-27673
22 Oct 2020 — An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. Se detectó un problema en el kernel de Linux versiones hasta 5.9.1, como es usado con Xen versiones hasta 4.14.x. Los usuarios del Sistema Operativo invitado pueden causar una denegación de servicio (suspensión del Sistema Operativo host) por medio de una alta tasa de eventos en dom0, también se c... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27674 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-27674
22 Oct 2020 — An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique. Se detectó un problema en Xen versiones hasta 4.14.x, permitiendo a usuarios de SO invitado de PV x86 alcanzar privilegios de SO invitado modificando el contenido de la memoria del kernel, porque una invalidación de las entradas TLB es manejada inapropiadamente durante el ... • http://www.openwall.com/lists/oss-security/2021/01/19/5 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25603 – Ubuntu Security Notice USN-5617-1
https://notcve.org/view.php?id=CVE-2020-25603
23 Sep 2020 — An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier (e.g., smp_*mb()) to prevent both the compiler and CPU from re-ordering access. A malicious guest may be able to cause a hypervisor crash resulting in a Denial of Service (DoS). • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00008.html • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25596 – Ubuntu Security Notice USN-5617-1
https://notcve.org/view.php?id=CVE-2020-25596
23 Sep 2020 — An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege #GP fault (typically fatal) rather than a user-privilege #GP fault (usually converted into SIGSEGV/etc.). Malicious or buggy userspace can crash the guest... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00008.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25604 – Ubuntu Security Notice USN-5617-1
https://notcve.org/view.php?id=CVE-2020-25604
23 Sep 2020 — An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to release a lock that it didn't acquire. The most likely effect of the issue is a hang or crash of the hypervisor, i.e., a Denial of Service (DoS). All versions of Xen are affected. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00008.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25602 – Ubuntu Security Notice USN-5617-1
https://notcve.org/view.php?id=CVE-2020-25602
23 Sep 2020 — An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the basis for auditing the guest access. For the MISC_ENABLE MSR, which is an Intel specific MSR, this MSR read is performed without error handling for a #GP fault, which is the consequence of trying to read this MSR on non-Intel hardware. A buggy or malicious PV gues... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00008.html • CWE-755: Improper Handling of Exceptional Conditions •