CVE-2020-11740

MEDIUM

Xen 3.2.0-4.13.0 - Unauthenticated Sensitive Information Exposure via Unscrubbed Xenoprof Buffers

Title source: llm
STIX 2.1

Description

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.

References (9)

Core 9
Core References
Patch, Vendor Advisory x_refsource_misc
https://xenbits.xen.org/xsa/advisory-313.html
Patch, Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-313.html
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2020/04/14/1
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00006.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202005-08
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2020/dsa-4723

Scores

CVSS v3 5.5
EPSS 0.0043
EPSS Percentile 34.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-212
Status published
Products (7)
debian/debian_linux 10.0
fedoraproject/fedora 30
fedoraproject/fedora 31
fedoraproject/fedora 32
opensuse/leap 15.1
xen/xen 4.13.0 rc1 (2 CPE variants)
xen/xen 3.2.0 - 4.13.0
Published Apr 14, 2020
Tracked Since Feb 18, 2026