Note:
This project will be discontinued after December 13, 2021. [more]
2019-10-08
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introduced.
| Products | Debian_linux, Xen |
| Type | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://xenbits.xen.org/xsa/advisory-287.html
• http://xenbits.xen.org/xsa/advisory-287.html • http://www.openwall.com/lists/oss-security/2019/10/25/2 • https://www.debian.org/security/2020/dsa-4602 • https://seclists.org/bugtraq/2020/Jan/21 |