An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
26 Apr 2022, 16:29
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/01/19/3 - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZG6TZLD23QO3PV2AN2HB625ZX47ALTT/ - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202011-06 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6USZ4APZSBQDHGJLJMHW5JBN4QZV6SKZ/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNF2R7FUT4IOJ2RIRGQ7X5R4F4FVVLSR/ - Mailing List, Third Party Advisory | |
CWE | CWE-416 CWE-476 |
Information
Published : 2020-10-22 21:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-27675
Mitre link : CVE-2020-27675
CVE.ORG link : CVE-2020-27675
JSON object : View
Products Affected
debian
- debian_linux
fedoraproject
- fedora
linux
- linux_kernel