SB2020041909 - Missing Authorization in xen (Alpine package)
Published: April 19, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Missing Authorization (CVE-ID: CVE-2020-11741)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
An issue was discovered in xenoprof in Xen through 4.13.x, allowing
guest OS users (with active profiling) to obtain sensitive information
about other guests, cause a denial of service, or possibly gain
privileges. For guests for which "active" profiling
was enabled by the administrator, the xenoprof code uses the standard
Xen shared ring structure. Unfortunately, this code did not treat the
guest as a potential adversary: it trusts the guest not to modify buffer
size information or modify head / tail pointers in unexpected ways. A remote user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=5c40dfc3f9763d20de339d8f1b694b48631d253b
- https://git.alpinelinux.org/aports/commit/?id=7c4c7fb75cb36f33395f8a86ae820e4fb9f8d59e
- https://git.alpinelinux.org/aports/commit/?id=95332e4ed106c72d58a0a5490d0f608e3d76b83e
- https://git.alpinelinux.org/aports/commit/?id=fa008233b860d6652d640df8ed23f5bdd8e42b9b
- https://git.alpinelinux.org/aports/commit/?id=05b5ec57508952a3bf13538e1f72d2a5e9357796