PT-2019-5081 · Xen+1 · Xen+1

Marek Marczykowski-Górecki

Published

2019-12-04

Updated

2020-08-04

CVE-2019-19579

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.13

Description The issue allows attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This is due to an incomplete fix for a previous issue. The vulnerability can be exploited when an untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable.

Recommendations For Xen versions prior to 4.13, consider disabling the use of PCI pass-through to minimize the risk of exploitation until a patch is available. Restrict access to physical devices capable of DMA to prevent untrusted domains from accessing them.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2020-01747

CVE-2019-19579

DSA-4602-1

OPENSUSE-SU-2020:0011-1

SUSE-SU-2019:3297-1

SUSE-SU-2019:3309-1

SUSE-SU-2019:3310-1

SUSE-SU-2019:3338-1

SUSE-SU-2020:0334-1

SUSE-SU-2020:0388-1

SUSE-SU-2020:14444-1

SUSE-SU-2020:1630-1

SUSE-SU-2020_1630-1

Affected Products

Suse

Xen

PT-2019-5081 · Xen+1 · Xen+1

CVE-2019-19579

Weakness Enumeration

Related Identifiers

Affected Products

References · 111