Back to search
CVE-2020-29568
Published: Dec 15, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://xenbits.xenproject.org/xsa/advisory-349.html
x_refsource_MISC
DSA-4843
vendor-advisory
x_refsource_DEBIAN
[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update
mailing-list
x_refsource_MLIST
GLSA-202107-30
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now