CVE-2020-27673 - log back

CVE-2020-27673 edited at 19 Jan 2021 17:35:04
References
- https://lists.xenproject.org/archives/html/xen-announce/2021-01/msg00003.html
+ https://xenbits.xen.org/xsa/advisory-332.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e99502f76271d6bc4e374fe368c50c67a1fd3070
CVE-2020-27673 edited at 19 Jan 2021 17:33:10
Description
- The handling of Xen events in the Linux kernel runs with interrupts disabled in a loop until no further event is pending. Whenever an event has been accepted by the kernel, another event can come in via the same event channel. This can result in the event handling loop running for an extended time if new events are coming in at a high rate. In extreme cases this can lead to a complete hang of the kernel, resulting in a DoS situation of the host when dom0 is affected.
+ An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
References
https://lists.xenproject.org/archives/html/xen-announce/2021-01/msg00003.html
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e99502f76271d6bc4e374fe368c50c67a1fd3070
CVE-2020-27673 edited at 19 Jan 2021 17:21:43
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ The handling of Xen events in the Linux kernel runs with interrupts disabled in a loop until no further event is pending. Whenever an event has been accepted by the kernel, another event can come in via the same event channel. This can result in the event handling loop running for an extended time if new events are coming in at a high rate. In extreme cases this can lead to a complete hang of the kernel, resulting in a DoS situation of the host when dom0 is affected.
References
+ https://lists.xenproject.org/archives/html/xen-announce/2021-01/msg00003.html
Notes
CVE-2020-27673 created at 19 Jan 2021 17:19:54