← voltar
CVE-2020-15852

CVE-2020-15852

EPSS 0.3%
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/torvalds/linux/commit/cadfad870154e14f745ec845708bc17d166065f2https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cadfad870154e14f745ec845708bc17d166065f2https://security.netapp.com/advisory/ntap-20200810-0001/http://www.openwall.com/lists/oss-security/2020/07/21/2http://xenbits.xen.org/xsa/advisory-329.html