csaf_suse - suse-su-2020:1886-1

suse-su-2020:1886-1

Vulnerability from csaf_suse

Published

2020-07-10 13:49

Modified

2020-07-10 13:49

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking (bsc#1173377). - CVE-2020-15565: Fixed insufficient cache write-back under VT-d (bsc#1173378). - CVE-2020-15567: Fixed non-atomic modification of live EPT PTE (bsc#1173380).

Patchnames

HPE-Helion-OpenStack-8-2020-1886,SUSE-2020-1886,SUSE-OpenStack-Cloud-8-2020-1886,SUSE-OpenStack-Cloud-Crowbar-8-2020-1886,SUSE-SLE-SAP-12-SP3-2020-1886,SUSE-SLE-SERVER-12-SP3-2020-1886,SUSE-SLE-SERVER-12-SP3-BCL-2020-1886,SUSE-Storage-5-2020-1886

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\n- CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking (bsc#1173377).\n- CVE-2020-15565: Fixed insufficient cache write-back under VT-d (bsc#1173378).\n- CVE-2020-15567: Fixed non-atomic modification of live EPT PTE (bsc#1173380).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "HPE-Helion-OpenStack-8-2020-1886,SUSE-2020-1886,SUSE-OpenStack-Cloud-8-2020-1886,SUSE-OpenStack-Cloud-Crowbar-8-2020-1886,SUSE-SLE-SAP-12-SP3-2020-1886,SUSE-SLE-SERVER-12-SP3-2020-1886,SUSE-SLE-SERVER-12-SP3-BCL-2020-1886,SUSE-Storage-5-2020-1886",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1886-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2020:1886-1",
        "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20201886-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2020:1886-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007116.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1173377",
        "url": "https://bugzilla.suse.com/1173377"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1173378",
        "url": "https://bugzilla.suse.com/1173378"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1173380",
        "url": "https://bugzilla.suse.com/1173380"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15563 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15563/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15565 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15565/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15567 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15567/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2020-07-10T13:49:48Z",
      "generator": {
        "date": "2020-07-10T13:49:48Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2020:1886-1",
      "initial_release_date": "2020-07-10T13:49:48Z",
      "revision_history": [
        {
          "date": "2020-07-10T13:49:48Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-4.9.4_08-3.66.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-devel-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-devel-4.9.4_08-3.66.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-doc-html-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-doc-html-4.9.4_08-3.66.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-libs-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-libs-4.9.4_08-3.66.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-tools-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-tools-4.9.4_08-3.66.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.9.4_08-3.66.1.aarch64",
                "product": {
                  "name": "xen-tools-domU-4.9.4_08-3.66.1.aarch64",
                  "product_id": "xen-tools-domU-4.9.4_08-3.66.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-libs-64bit-4.9.4_08-3.66.1.aarch64_ilp32",
                "product": {
                  "name": "xen-libs-64bit-4.9.4_08-3.66.1.aarch64_ilp32",
                  "product_id": "xen-libs-64bit-4.9.4_08-3.66.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.9.4_08-3.66.1.i586",
                "product": {
                  "name": "xen-devel-4.9.4_08-3.66.1.i586",
                  "product_id": "xen-devel-4.9.4_08-3.66.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.9.4_08-3.66.1.i586",
                "product": {
                  "name": "xen-libs-4.9.4_08-3.66.1.i586",
                  "product_id": "xen-libs-4.9.4_08-3.66.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.9.4_08-3.66.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.9.4_08-3.66.1.i586",
                  "product_id": "xen-tools-domU-4.9.4_08-3.66.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-doc-html-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-libs-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-libs-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-tools-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-tools-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-tools-domU-4.9.4_08-3.66.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.9.4_08-3.66.1.x86_64",
                "product": {
                  "name": "xen-devel-4.9.4_08-3.66.1.x86_64",
                  "product_id": "xen-devel-4.9.4_08-3.66.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE Helion OpenStack 8",
                "product": {
                  "name": "HPE Helion OpenStack 8",
                  "product_id": "HPE Helion OpenStack 8",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:hpe-helion-openstack:8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE OpenStack Cloud 8",
                "product": {
                  "name": "SUSE OpenStack Cloud 8",
                  "product_id": "SUSE OpenStack Cloud 8",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-openstack-cloud:8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE OpenStack Cloud Crowbar 8",
                "product": {
                  "name": "SUSE OpenStack Cloud Crowbar 8",
                  "product_id": "SUSE OpenStack Cloud Crowbar 8",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3-BCL",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3-BCL",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-bcl:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 5",
                "product": {
                  "name": "SUSE Enterprise Storage 5",
                  "product_id": "SUSE Enterprise Storage 5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of HPE Helion OpenStack 8",
          "product_id": "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "HPE Helion OpenStack 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud 8",
          "product_id": "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
          "product_id": "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
          "product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-doc-html-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.9.4_08-3.66.1.x86_64 as component of SUSE Enterprise Storage 5",
          "product_id": "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.9.4_08-3.66.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-15563",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15563"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests\u0027 dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest\u0027s video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15563",
          "url": "https://www.suse.com/security/cve/CVE-2020-15563"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173377 for CVE-2020-15563",
          "url": "https://bugzilla.suse.com/1173377"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-07-10T13:49:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-15563"
    },
    {
      "cve": "CVE-2020-15565",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15565"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen\u0027s free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15565",
          "url": "https://www.suse.com/security/cve/CVE-2020-15565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173378 for CVE-2020-15565",
          "url": "https://bugzilla.suse.com/1173378"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-07-10T13:49:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-15565"
    },
    {
      "cve": "CVE-2020-15567",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15567"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
          "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15567",
          "url": "https://www.suse.com/security/cve/CVE-2020-15567"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1173380 for CVE-2020-15567",
          "url": "https://bugzilla.suse.com/1173380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2020-15567",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "HPE Helion OpenStack 8:xen-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "HPE Helion OpenStack 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Enterprise Storage 5:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-BCL:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP3-LTSS:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-doc-html-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-32bit-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-libs-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-4.9.4_08-3.66.1.x86_64",
            "SUSE OpenStack Cloud Crowbar 8:xen-tools-domU-4.9.4_08-3.66.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-07-10T13:49:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-15567"
    }
  ]
}

CVE-2020-15563 (GCVE-0-2020-15563)

Vulnerability from cvelistv5

Published

2020-07-07 12:23

Modified

2024-08-04 13:22

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest's video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability.

References

►

URL

Tags

	http://xenbits.xen.org/xsa/advisory-319.html	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2020/07/07/3	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2020/dsa-4723	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/	vendor-advisory, x_refsource_FEDORA
	https://security.gentoo.org/glsa/202007-02	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:29.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-319.html"
          },
          {
            "name": "[oss-security] 20200707 Xen Security Advisory 319 v3 (CVE-2020-15563) - inverted code paths in x86 dirty VRAM tracking",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/07/07/3"
          },
          {
            "name": "DSA-4723",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4723"
          },
          {
            "name": "openSUSE-SU-2020:0965",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
          },
          {
            "name": "FEDORA-2020-fbc13516af",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
          },
          {
            "name": "openSUSE-SU-2020:0985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
          },
          {
            "name": "FEDORA-2020-76cf2b0f0a",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
          },
          {
            "name": "GLSA-202007-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests\u0027 dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest\u0027s video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-27T00:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-319.html"
        },
        {
          "name": "[oss-security] 20200707 Xen Security Advisory 319 v3 (CVE-2020-15563) - inverted code paths in x86 dirty VRAM tracking",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/07/07/3"
        },
        {
          "name": "DSA-4723",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4723"
        },
        {
          "name": "openSUSE-SU-2020:0965",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
        },
        {
          "name": "FEDORA-2020-fbc13516af",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
        },
        {
          "name": "openSUSE-SU-2020:0985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
        },
        {
          "name": "FEDORA-2020-76cf2b0f0a",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
        },
        {
          "name": "GLSA-202007-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15563",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests\u0027 dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest\u0027s video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://xenbits.xen.org/xsa/advisory-319.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-319.html"
            },
            {
              "name": "[oss-security] 20200707 Xen Security Advisory 319 v3 (CVE-2020-15563) - inverted code paths in x86 dirty VRAM tracking",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/07/07/3"
            },
            {
              "name": "DSA-4723",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4723"
            },
            {
              "name": "openSUSE-SU-2020:0965",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
            },
            {
              "name": "FEDORA-2020-fbc13516af",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
            },
            {
              "name": "openSUSE-SU-2020:0985",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
            },
            {
              "name": "FEDORA-2020-76cf2b0f0a",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
            },
            {
              "name": "GLSA-202007-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15563",
    "datePublished": "2020-07-07T12:23:55",
    "dateReserved": "2020-07-06T00:00:00",
    "dateUpdated": "2024-08-04T13:22:29.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-15567 (GCVE-0-2020-15567)

Vulnerability from cvelistv5

Published

2020-07-07 12:26

Modified

2024-08-04 13:22

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable.

References

►

URL

Tags

	http://xenbits.xen.org/xsa/advisory-328.html	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2020/07/07/6	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2020/dsa-4723	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/	vendor-advisory, x_refsource_FEDORA
	https://security.gentoo.org/glsa/202007-02	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:29.365Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-328.html"
          },
          {
            "name": "[oss-security] 20200707 Xen Security Advisory 328 v3 (CVE-2020-15567) - non-atomic modification of live EPT PTE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/07/07/6"
          },
          {
            "name": "DSA-4723",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4723"
          },
          {
            "name": "openSUSE-SU-2020:0965",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
          },
          {
            "name": "FEDORA-2020-fbc13516af",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
          },
          {
            "name": "openSUSE-SU-2020:0985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
          },
          {
            "name": "FEDORA-2020-76cf2b0f0a",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
          },
          {
            "name": "GLSA-202007-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-27T00:06:08",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-328.html"
        },
        {
          "name": "[oss-security] 20200707 Xen Security Advisory 328 v3 (CVE-2020-15567) - non-atomic modification of live EPT PTE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/07/07/6"
        },
        {
          "name": "DSA-4723",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4723"
        },
        {
          "name": "openSUSE-SU-2020:0965",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
        },
        {
          "name": "FEDORA-2020-fbc13516af",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
        },
        {
          "name": "openSUSE-SU-2020:0985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
        },
        {
          "name": "FEDORA-2020-76cf2b0f0a",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
        },
        {
          "name": "GLSA-202007-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15567",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://xenbits.xen.org/xsa/advisory-328.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-328.html"
            },
            {
              "name": "[oss-security] 20200707 Xen Security Advisory 328 v3 (CVE-2020-15567) - non-atomic modification of live EPT PTE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/07/07/6"
            },
            {
              "name": "DSA-4723",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4723"
            },
            {
              "name": "openSUSE-SU-2020:0965",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
            },
            {
              "name": "FEDORA-2020-fbc13516af",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
            },
            {
              "name": "openSUSE-SU-2020:0985",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
            },
            {
              "name": "FEDORA-2020-76cf2b0f0a",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
            },
            {
              "name": "GLSA-202007-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15567",
    "datePublished": "2020-07-07T12:26:26",
    "dateReserved": "2020-07-06T00:00:00",
    "dateUpdated": "2024-08-04T13:22:29.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-15565 (GCVE-0-2020-15565)

Vulnerability from cvelistv5

Published

2020-07-07 12:25

Modified

2024-08-04 13:22

Severity ?

CWE

Summary

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.

References

►

URL

Tags

	http://xenbits.xen.org/xsa/advisory-321.html	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2020/07/07/4	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2020/dsa-4723	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/	vendor-advisory, x_refsource_FEDORA
	https://security.gentoo.org/glsa/202007-02	vendor-advisory, x_refsource_GENTOO

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:29.188Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-321.html"
          },
          {
            "name": "[oss-security] 20200707 Xen Security Advisory 321 v3 (CVE-2020-15565) - insufficient cache write-back under VT-d",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/07/07/4"
          },
          {
            "name": "DSA-4723",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4723"
          },
          {
            "name": "openSUSE-SU-2020:0965",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
          },
          {
            "name": "FEDORA-2020-fbc13516af",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
          },
          {
            "name": "openSUSE-SU-2020:0985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
          },
          {
            "name": "FEDORA-2020-76cf2b0f0a",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
          },
          {
            "name": "GLSA-202007-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen\u0027s free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-27T00:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-321.html"
        },
        {
          "name": "[oss-security] 20200707 Xen Security Advisory 321 v3 (CVE-2020-15565) - insufficient cache write-back under VT-d",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/07/07/4"
        },
        {
          "name": "DSA-4723",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4723"
        },
        {
          "name": "openSUSE-SU-2020:0965",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
        },
        {
          "name": "FEDORA-2020-fbc13516af",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
        },
        {
          "name": "openSUSE-SU-2020:0985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
        },
        {
          "name": "FEDORA-2020-76cf2b0f0a",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
        },
        {
          "name": "GLSA-202007-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-15565",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen\u0027s free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://xenbits.xen.org/xsa/advisory-321.html",
              "refsource": "MISC",
              "url": "http://xenbits.xen.org/xsa/advisory-321.html"
            },
            {
              "name": "[oss-security] 20200707 Xen Security Advisory 321 v3 (CVE-2020-15565) - insufficient cache write-back under VT-d",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/07/07/4"
            },
            {
              "name": "DSA-4723",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4723"
            },
            {
              "name": "openSUSE-SU-2020:0965",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
            },
            {
              "name": "FEDORA-2020-fbc13516af",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VB3QJJZV23Z2IDYEMIHELWYSQBUEW6JP/"
            },
            {
              "name": "openSUSE-SU-2020:0985",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
            },
            {
              "name": "FEDORA-2020-76cf2b0f0a",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MXESCOVI7AVRNC7HEAMFM7PMEO6D3AUH/"
            },
            {
              "name": "GLSA-202007-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-15565",
    "datePublished": "2020-07-07T12:25:00",
    "dateReserved": "2020-07-06T00:00:00",
    "dateUpdated": "2024-08-04T13:22:29.188Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2020:1886-1

Vulnerability from csaf_suse

CVE-2020-15563 (GCVE-0-2020-15563)

Vulnerability from cvelistv5

CVE-2020-15567 (GCVE-0-2020-15567)

Vulnerability from cvelistv5

CVE-2020-15565 (GCVE-0-2020-15565)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature