{"api_version":"1","generated_at":"2026-04-23T05:05:21+00:00","cve":"CVE-2020-29570","urls":{"html":"https://cve.report/CVE-2020-29570","api":"https://cve.report/api/cve/CVE-2020-29570.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2020-29570","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2020-29570"},"summary":{"title":"CVE-2020-29570","description":"An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2020-12-15 17:15:00","updated_at":"2023-11-07 03:21:00"},"problem_types":["CWE-770"],"metrics":[],"references":[{"url":"https://www.debian.org/security/2020/dsa-4812","name":"DSA-4812","refsource":"DEBIAN","tags":["Third Party Advisory"],"title":"Debian -- Security Information -- DSA-4812-1 xen","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/","name":"FEDORA-2020-64859a826b","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: xen-4.14.0-14.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://xenbits.xenproject.org/xsa/advisory-358.html","name":"https://xenbits.xenproject.org/xsa/advisory-358.html","refsource":"MISC","tags":["Patch","Vendor Advisory"],"title":"XSA-358 - Xen Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2020/12/16/4","name":"[oss-security] 20201216 Xen Security Advisory 358 v5 (CVE-2020-29570) - FIFO event channels control block related ordering","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"oss-security - Xen Security Advisory 358 v5 (CVE-2020-29570) - FIFO event\n channels control block related ordering","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202107-30","name":"GLSA-202107-30","refsource":"GENTOO","tags":[],"title":"Xen: Multiple vulnerabilities (GLSA 202107-30) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/","name":"FEDORA-2020-df772b417b","refsource":"FEDORA","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] Fedora 32 Update: xen-4.13.2-5.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/","name":"FEDORA-2020-df772b417b","refsource":"","tags":[],"title":"[SECURITY] Fedora 32 Update: xen-4.13.2-5.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/","name":"FEDORA-2020-64859a826b","refsource":"FEDORA","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] Fedora 33 Update: xen-4.14.0-14.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2020-29570","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-29570","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2020","cve_id":"29570","vulnerable":"1","versionEndIncluding":"4.14.0","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"xen","cpe5":"xen","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2020-29570","qid":"377779","title":"Citrix XenServer Security Updates (CTX286756)"},{"cve":"CVE-2020-29570","qid":"500796","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-29570","qid":"501515","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-29570","qid":"504539","title":"Alpine Linux Security Update for xen"},{"cve":"CVE-2020-29570","qid":"710038","title":"Gentoo Linux Xen Multiple vulnerabilities (GLSA 202107-30)"},{"cve":"CVE-2020-29570","qid":"750465","title":"OpenSUSE Security Update for xen (openSUSE-SU-2020:2331-1)"},{"cve":"CVE-2020-29570","qid":"750474","title":"OpenSUSE Security Update for xen (openSUSE-SU-2020:2313-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2020-29570","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://xenbits.xenproject.org/xsa/advisory-358.html","refsource":"MISC","name":"https://xenbits.xenproject.org/xsa/advisory-358.html"},{"refsource":"DEBIAN","name":"DSA-4812","url":"https://www.debian.org/security/2020/dsa-4812"},{"refsource":"MLIST","name":"[oss-security] 20201216 Xen Security Advisory 358 v5 (CVE-2020-29570) - FIFO event channels control block related ordering","url":"http://www.openwall.com/lists/oss-security/2020/12/16/4"},{"refsource":"FEDORA","name":"FEDORA-2020-64859a826b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI/"},{"refsource":"FEDORA","name":"FEDORA-2020-df772b417b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA/"},{"refsource":"GENTOO","name":"GLSA-202107-30","url":"https://security.gentoo.org/glsa/202107-30"}]}},"nvd":{"publishedDate":"2020-12-15 17:15:00","lastModifiedDate":"2023-11-07 03:21:00","problem_types":["CWE-770"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.2,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.5,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":4.9},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndIncluding":"4.14.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2020","CveId":"29570","Ordinal":"192747","Title":"CVE-2020-29570","CVE":"CVE-2020-29570","Year":"2020"},"notes":[{"CveYear":"2020","CveId":"29570","Ordinal":"1","NoteData":"An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system.","Type":"Description","Title":null},{"CveYear":"2020","CveId":"29570","Ordinal":"2","NoteData":"2020-12-15","Type":"Other","Title":"Published"},{"CveYear":"2020","CveId":"29570","Ordinal":"3","NoteData":"2021-07-12","Type":"Other","Title":"Modified"}]}}}