FreeBSD · FreeBSD · CVE-2020-29568
**Name of the Vulnerable Software and Affected Versions**
Xen versions through 4.14.x
**Description**
An issue was discovered in some OSes, such as Linux, FreeBSD, and NetBSD, that process watch events using a single thread. If events arrive faster than the thread can handle them, they are queued. Because the queue is unbounded, a guest may be able to trigger an out-of-memory (OOM) condition in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.
**Recommendations**
For Xen versions through 4.14.x, consider implementing a queue limit or a mechanism to handle watch events more efficiently to prevent an OOM in the backend. As a temporary workaround, consider restricting the rate at which watch events are received or disabling the single-threaded watch event processing until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
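The queue limit recommended above, sketched as an added example (this is not Xen, Linux, FreeBSD or NetBSD code): a single-consumer watch queue that caps the number of unhandled events per guest, so a flood from one domain costs a counter increment instead of backend memory. The type names, `MAX_DOMS` and `PER_DOM_LIMIT` are assumptions chosen for illustration.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_DOMS 8        /* assumption: small fixed table of guests */
#define PER_DOM_LIMIT 4   /* assumption: cap on unhandled events per guest */

struct watch_event {      /* hypothetical event record */
    unsigned domid;
    char path[64];
    struct watch_event *next;
};

struct watch_queue {
    struct watch_event *head, *tail;
    unsigned pending[MAX_DOMS];       /* queued but not yet handled, per guest */
    unsigned long dropped[MAX_DOMS];  /* rejected events, useful for alerting */
};

/* Returns 1 if queued, 0 if rejected (unknown guest, over cap, or no memory). */
int wq_enqueue(struct watch_queue *q, unsigned domid, const char *path)
{
    if (domid >= MAX_DOMS)
        return 0;
    if (q->pending[domid] >= PER_DOM_LIMIT) {
        q->dropped[domid]++;          /* the flood is counted, not stored */
        return 0;
    }
    struct watch_event *ev = calloc(1, sizeof(*ev));
    if (!ev)
        return 0;
    ev->domid = domid;
    strncpy(ev->path, path, sizeof(ev->path) - 1);  /* calloc keeps it NUL-terminated */
    *(q->tail ? &q->tail->next : &q->head) = ev;    /* append at the tail */
    q->tail = ev;
    q->pending[domid]++;
    return 1;
}

/* Called by the single handler thread; caller frees the event. NULL when empty. */
struct watch_event *wq_dequeue(struct watch_queue *q)
{
    struct watch_event *ev = q->head;
    if (!ev)
        return NULL;
    if (!(q->head = ev->next))
        q->tail = NULL;
    q->pending[ev->domid]--;          /* handling an event frees one slot */
    return ev;
}
```

Locking is omitted; a real implementation would take the queue lock in both functions. Because excess events are discarded, handlers must re-read the watched node instead of assuming one event per change.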