CVE-2020-27673

Name
CVE-2020-27673
Description
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Patch https://xenbits.xen.org/xsa/advisory-332.html
Patch https://github.com/torvalds/linux/commit/e99502f76271d6bc4e374fe368c50c67a1fd3070
Patch https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e99502f76271d6bc4e374fe368c50c67a1fd3070
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00025.html
GENTOO https://security.gentoo.org/glsa/202011-06
MLIST https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
MLIST https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
MLIST http://www.openwall.com/lists/oss-security/2021/01/19/6

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= None <= 5.9.1
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* xen >= None <= 4.14.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
xen 3.10-main 4.12.4-r0 None possibly vulnerable
xen 3.12-main 4.13.3-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
xen 3.11-main 4.13.3-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable