CVE-2020-11741

Publication date 14 April 2020

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

8.8 · High

Score breakdown

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.

Read the notes from the security team

Status

Package Ubuntu Release Status
xen 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Not affected
23.04 lunar
Not affected
22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
21.10 impish Ignored end of life
21.04 hirsute Ignored end of life
20.10 groovy Ignored end of life
20.04 LTS focal
Fixed 4.11.3+24-g14b62ab3e5-1ubuntu2.3
19.10 eoan Ignored end of life
18.04 LTS bionic
Vulnerable
16.04 LTS xenial
Vulnerable
14.04 LTS trusty Not in release

Notes


mdeslaur

hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary

Severity score breakdown

Parameter Value
Base score 8.8 · High
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Changed
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H