Published: 22/10/2020 Updated: 07/11/2023

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 418

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

An issue exists in the Linux kernel up to and including 5.9.1, as used with Xen up to and including 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
fedoraproject fedora 31
fedoraproject fedora 32
fedoraproject fedora 33
debian debian linux 9.0

A use-after-free flaw was found in the debugfs_remove function in the Linux kernel The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal This vulnerability can lead to a kernel information leak The highest threat from this vulnerability is to system availability ...

A flaw was found in the Linux kernel A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-14351) ...

A use-after-free flaw was found in the debugfs_remove function in the Linux kernel The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal This vulnerability can lead to a kernel information leak The highest threat from this vulnerability is to system availability ...

An issue was discovered in the Linux kernel through 591, as used with Xen through 414x drivers/xen/events/events_basec allows event-channel removal during the event-handling loop (a race condition) This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized ...

Description of Problem Several security issues have been identified in Citrix Hypervisor (formerly Citrix XenServer) that may allow: unprivileged code in a PV guest VM to compromise that PV guest VM privileged code in a guest VM to cause the host to crash or become unresponsive privileged code in an HVM guest VM, to which the host administrator has ...

oss-sec mailing list archives   By Date By Thread </form>    Xen Security Advisory 331 v3 (CVE-2020-27675) - Race condition in Linux event handler may crash dom0 <!--X-Subject-Header-End- ...

CWE-362 CWE-476 CWE-416 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073d0552ead5bfc7a3a9c01de590e924f11b5dd2 https://github.com/torvalds/linux/commit/073d0552ead5bfc7a3a9c01de590e924f11b5dd2 https://xenbits.xen.org/xsa/advisory-331.html https://security.gentoo.org/glsa/202011-06 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html http://www.openwall.com/lists/oss-security/2021/01/19/3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ZG6TZLD23QO3PV2AN2HB625ZX47ALTT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6USZ4APZSBQDHGJLJMHW5JBN4QZV6SKZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNF2R7FUT4IOJ2RIRGQ7X5R4F4FVVLSR/https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2021-1461.html

CVE-2020-27675

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect