{"api_version":"1","generated_at":"2026-04-23T04:33:55+00:00","cve":"CVE-2020-27674","urls":{"html":"https://cve.report/CVE-2020-27674","api":"https://cve.report/api/cve/CVE-2020-27674.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-27674","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-27674"},"summary":{"title":"CVE-2020-27674","description":"An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2020-10-22 21:15:00","updated_at":"2023-11-07 03:20:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/","name":"FEDORA-2020-5398bfb466","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 32 Update: xen-4.13.2-1.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202011-06","name":"GLSA-202011-06","refsource":"GENTOO","tags":[],"title":"Xen: Multiple vulnerabilities (GLSA 202011-06) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/","name":"FEDORA-2020-6dd36a716c","refsource":"","tags":[],"title":"[SECURITY] Fedora 31 Update: xen-4.12.3-8.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/","name":"FEDORA-2020-ec84c1565b","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: xen-4.14.0-9.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2020/dsa-4804","name":"DSA-4804","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4804-1 xen","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/","name":"FEDORA-2020-6dd36a716c","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 31 Update: xen-4.12.3-8.fc31 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/","name":"FEDORA-2020-ec84c1565b","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: xen-4.14.0-9.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2021/01/19/5","name":"[oss-security] 20210119 Xen Security Advisory 286 v6 (CVE-2020-27674) - x86 PV guest INVLPG-like flushes may leave stale TLB entries","refsource":"MLIST","tags":[],"title":"oss-security - Xen Security Advisory 286 v6 (CVE-2020-27674) - x86 PV guest\n INVLPG-like flushes may leave stale TLB entries","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/","name":"FEDORA-2020-5398bfb466","refsource":"","tags":[],"title":"[SECURITY] Fedora 32 Update: xen-4.13.2-1.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://xenbits.xen.org/xsa/advisory-286.html","name":"https://xenbits.xen.org/xsa/advisory-286.html","refsource":"MISC","tags":["Patch","Vendor Advisory"],"title":"XSA-286 - Xen Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-27674","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27674","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"27674","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"27674","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"31","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"27674","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"27674","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"27674","vulnerable":"1","versionEndIncluding":"4.14.0","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"xen","cpe5":"xen","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"x86","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-27674","qid":"378881","title":"Citrix XenServer Security Updates (CTX284874)"},{"cve":"CVE-2020-27674","qid":"500793","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-27674","qid":"501513","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-27674","qid":"504537","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-27674","qid":"750502","title":"OpenSUSE Security Update for xen (openSUSE-SU-2020:2192-1)"},{"cve":"CVE-2020-27674","qid":"750519","title":"OpenSUSE Security Update for xen (openSUSE-SU-2020:2162-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2020-27674","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://xenbits.xen.org/xsa/advisory-286.html","refsource":"MISC","name":"https://xenbits.xen.org/xsa/advisory-286.html"},{"refsource":"GENTOO","name":"GLSA-202011-06","url":"https://security.gentoo.org/glsa/202011-06"},{"refsource":"FEDORA","name":"FEDORA-2020-5398bfb466","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/"},{"refsource":"FEDORA","name":"FEDORA-2020-ec84c1565b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/"},{"refsource":"FEDORA","name":"FEDORA-2020-6dd36a716c","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/"},{"refsource":"DEBIAN","name":"DSA-4804","url":"https://www.debian.org/security/2020/dsa-4804"},{"refsource":"MLIST","name":"[oss-security] 20210119 Xen Security Advisory 286 v6 (CVE-2020-27674) - x86 PV guest INVLPG-like flushes may leave stale TLB entries","url":"http://www.openwall.com/lists/oss-security/2021/01/19/5"}]}},"nvd":{"publishedDate":"2020-10-22 21:15:00","lastModifiedDate":"2023-11-07 03:20:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":5.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*","versionEndIncluding":"4.14.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"27674","Ordinal":"189308","Title":"CVE-2020-27674","CVE":"CVE-2020-27674","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"27674","Ordinal":"1","NoteData":"An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"27674","Ordinal":"2","NoteData":"2020-10-22","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"27674","Ordinal":"3","NoteData":"2021-01-19","Type":"Other","Title":"Modified"}]}}}