Vulnerabilities > CVE-2019-17350 - Infinite Loop vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Misc. NASL id XEN_SERVER_XSA-295.NASL description According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple denial of service (DoS) vulnerabilities : - A denial of service (DoS) vulnerability exists in the LoadExcl and StoreExcl operations due to a possible infinite loop. An unauthenticated, local attacker can exploit this issue, by accessing a memory region shared with the hypervisor while the hypervisor is performing an atomic operation on the same region, to cause the system to stop responding. (CVE-2019-17349) - A denial of service (DoS) vulnerability exists in the compare-and-exchange operation due to a possible infinite loop. An unauthenticated, local attacker can exploit this issue, by accessing a memory region shared with the hypervisor while the hypervisor is performing an atomic operation on the same region, to cause the system to stop responding. (CVE-2019-17350) Only Arm processors are affected by these vulnerabilities. x86 processors are not vulnerable. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application last seen 2020-04-14 modified 2020-04-10 plugin id 135292 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135292 title Xen Project Denial of Service (XSA-295) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4602.NASL description Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the last seen 2020-06-01 modified 2020-06-02 plugin id 132875 published 2020-01-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132875 title Debian DSA-4602-1 : xen - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
References
- http://xenbits.xen.org/xsa/advisory-295.html
- http://xenbits.xen.org/xsa/advisory-295.html
- https://seclists.org/bugtraq/2020/Jan/21
- https://seclists.org/bugtraq/2020/Jan/21
- https://www.debian.org/security/2020/dsa-4602
- https://www.debian.org/security/2020/dsa-4602
- https://xenbits.xen.org/xsa/advisory-295.html
- https://xenbits.xen.org/xsa/advisory-295.html