vulnerability
Ubuntu: (Multiple Advisories) (CVE-2020-11740): Xen vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | 2020-04-14 | 2022-09-20 | 2024-10-23 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
2020-04-14
Added
2022-09-20
Modified
2024-10-23
Description
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.
Solution(s)
ubuntu-upgrade-libxendevicemodel1ubuntu-upgrade-libxenevtchn1ubuntu-upgrade-libxengnttab1ubuntu-upgrade-libxenmisc4-11ubuntu-upgrade-xen-hypervisor-4-11-amd64ubuntu-upgrade-xen-hypervisor-4-11-arm64ubuntu-upgrade-xen-hypervisor-4-11-armhfubuntu-upgrade-xen-utils-4-11ubuntu-upgrade-xen-utils-commonubuntu-upgrade-xenstore-utils
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.