CVE-2020-27673
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/10/2020
Last modified:
22/08/2023
Description
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.12 (including) | 4.4.244 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.5.0 (including) | 4.9.244 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10.0 (including) | 4.14.207 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15.0 (including) | 4.19.155 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20.0 (including) | 5.4.75 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5.0 (including) | 5.9.5 (excluding) |
cpe:2.3:o:linux:linux_kernel:5.10:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* | 4.14.0 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html
- http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00025.html
- http://www.openwall.com/lists/oss-security/2021/01/19/6
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e99502f76271d6bc4e374fe368c50c67a1fd3070
- https://github.com/torvalds/linux/commit/e99502f76271d6bc4e374fe368c50c67a1fd3070
- https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
- https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
- https://security.gentoo.org/glsa/202011-06
- https://xenbits.xen.org/xsa/advisory-332.html