Back to search
CVE-2020-29485
Published: Dec 15, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XS_RESET_WATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are vulnerable. Systems using the C Xenstored implementation are not vulnerable.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://xenbits.xenproject.org/xsa/advisory-330.txt
x_refsource_MISC
DSA-4812
vendor-advisory
x_refsource_DEBIAN
FEDORA-2020-64859a826b
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-df772b417b
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now