Max CVSS | 6.9 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published |
CVE-2020-27673 | 4.9 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. | 22-08-2023 - 15:16 | 22-10-2020 - 21:15 |
CVE-2020-25597 | 6.1 | An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be | 10-02-2023 - 17:00 | 23-09-2020 - 22:15 |
CVE-2020-25595 | 6.1 | An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict | 08-12-2022 - 03:12 | 23-09-2020 - 21:15 |
CVE-2020-25598 | 2.1 | An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi | 02-12-2022 - 20:13 | 23-09-2020 - 22:15 |
CVE-2020-25596 | 2.1 | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, | 21-11-2022 - 14:24 | 23-09-2020 - 22:15 |
CVE-2020-27670 | 6.9 | An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. | 07-10-2022 - 15:24 | 22-10-2020 - 21:15 |
CVE-2020-25602 | 4.6 | An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba | 30-09-2022 - 03:44 | 23-09-2020 - 22:15 |
CVE-2020-25604 | 1.9 | An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o | 30-09-2022 - 03:44 | 23-09-2020 - 22:15 |
CVE-2020-25603 | 4.6 | An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is | 28-04-2022 - 18:19 | 23-09-2020 - 22:15 |
CVE-2020-25601 | 4.9 | An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the | 28-04-2022 - 18:19 | 23-09-2020 - 22:15 |
CVE-2020-25599 | 4.4 | An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as | 28-04-2022 - 18:19 | 23-09-2020 - 22:15 |
CVE-2020-25600 | 4.9 | An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi | 28-04-2022 - 18:19 | 23-09-2020 - 22:15 |
CVE-2020-27674 | 4.6 | An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique. | 26-04-2022 - 16:29 | 22-10-2020 - 21:15 |
CVE-2020-27675 | 4.7 | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point | 26-04-2022 - 16:29 | 22-10-2020 - 21:15 |
CVE-2020-27671 | 6.9 | An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. | 26-04-2022 - 16:23 | 22-10-2020 - 21:15 |
CVE-2020-27672 | 6.9 | An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB | 26-04-2022 - 16:23 | 22-10-2020 - 21:15 |
CVE-2020-25600 | 5.0 | An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25596 | 5.0 | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25595 | 5.0 | An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict | 01-10-2020 - 06:15 | 23-09-2020 - 21:15 |
CVE-2020-25604 | 1.9 | An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25597 | 5.0 | An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25602 | 5.0 | An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25603 | 5.0 | An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25598 | 5.0 | An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25599 | 5.0 | An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25601 | 5.0 | An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the | 01-10-2020 - 06:15 | 23-09-2020 - 22:15 |
CVE-2020-25604 | 1.9 | An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o | 29-09-2020 - 19:00 | 23-09-2020 - 22:15 |
CVE-2020-25601 | 5.0 | An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25599 | 5.0 | An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25597 | 5.0 | An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25595 | 5.0 | An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict | 27-09-2020 - 02:15 | 23-09-2020 - 21:15 |
CVE-2020-25600 | 5.0 | An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25598 | 5.0 | An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25596 | 5.0 | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25603 | 5.0 | An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |
CVE-2020-25602 | 5.0 | An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba | 27-09-2020 - 02:15 | 23-09-2020 - 22:15 |