Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2020-29479

Published: 15/12/2020 Updated: 07/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in Xen up to and including 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged guests can get and modify permissions, list, and delete the root node. (Deleting the whole xenstore tree is a host-wide denial of service.) Achieving xenstore write access is also possible. All systems using oxenstored are vulnerable. Building and using oxenstored is the default in the upstream Xen distribution, if the Ocaml compiler is available. Systems using C xenstored are not vulnerable.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen

debian debian linux 10.0

fedoraproject fedora 32

fedoraproject fedora 33

Vendor Advisories

Debian Security Advisories: DSA-4812-1 xen -- security update
Multiple vulnerabilities have been discovered in the Xen hypervisor: Several security issues affecting Xenstore could result in cross domain access (denial of service, information leaks or privilege escalation) or denial of service against xenstored Additional vulnerabilities could result in guest-to-host denial of service For the stable distribu ...
Citrix Security Bulletins: Citrix Hypervisor Security Update
Description of Problem Several security issues have been identified that, collectively, may allow privileged code running in a guest VM to compromise the host or cause a denial of service These vulnerabilities have the following identifiers:  CVE ID Description Vulnerability Type Pre-conditions CVE-2020-29479 An attacker with the ability to ...

Mailing Lists

Full Disclosure: Xen Security Advisory 353 v4 (CVE-2020-29479) - oxenstored: permissions not checked on root node
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Xen Security Advisory CVE-2020-29479 / XSA-353 version 4 oxenstored: permissions not checked on root node UPDATES IN VERSION 4 ==================== Public release ISSUE DESCRIPTION ================= In the Ocaml xenstored implementation, the ...

References

CWE-862https://xenbits.xenproject.org/xsa/advisory-353.htmlhttps://www.debian.org/security/2020/dsa-4812https://security.gentoo.org/glsa/202107-30https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/https://nvd.nist.govhttps://www.debian.org/security/2020/dsa-4812
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380CVE-2024-1694local file inclusionCVE-2024-5645CVE-2024-24919XSSCVE-2024-36774CVE-2024-21306SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook