PT-2020-12817 · Xen+3
Julien Grall · Published 2020-04-14 · Updated 2024-06-15 · CVE-2020-11739
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Xen versions through 4.13.x
Description
An issue in Xen allows guest OS users to cause a denial of service or possibly gain privileges due to missing memory barriers in read-write unlock paths. This means a processor can re-order memory access, potentially allowing a writer to execute a critical section at the same time as readers or another writer, making assumptions in critical sections unsafe. The read-write locks are used in hypercalls, such as grant-table ones, which a malicious guest could exploit. This could lead to memory leaks or a hypervisor crash, resulting in a Denial of Service (DoS), and information leak and privilege escalation cannot be excluded.
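The ordering requirement described above, shown with C11 atomics as an added example; it is not Xen's code and not part of the advisory. `demo_rwlock_t`, `WRITER` and the `demo_*` functions are hypothetical names; the block contrasts an unlock with no ordering against one with release semantics.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
/* Hypothetical rwlock for illustration, not Xen's code.
 * cnts: 0 = free, WRITER = held by a writer, otherwise the reader count. */
#define WRITER 0x40000000u
typedef struct { atomic_uint cnts; } demo_rwlock_t;

bool demo_read_trylock(demo_rwlock_t *l)
{
    unsigned int c = atomic_load_explicit(&l->cnts, memory_order_relaxed);
    while (!(c & WRITER))   /* on CAS failure c is reloaded and re-checked */
        if (atomic_compare_exchange_weak_explicit(&l->cnts, &c, c + 1,
                memory_order_acquire, memory_order_relaxed))
            return true;
    return false;
}

bool demo_write_trylock(demo_rwlock_t *l)
{
    unsigned int expected = 0;  /* succeeds only with no readers and no writer */
    return atomic_compare_exchange_strong_explicit(&l->cnts, &expected, WRITER,
            memory_order_acquire, memory_order_relaxed);
}

/* Unordered form: critical-section accesses may complete after the lock looks free. */
void demo_read_unlock_unordered(demo_rwlock_t *l)
{
    atomic_fetch_sub_explicit(&l->cnts, 1, memory_order_relaxed);
}

/* Ordered form: release semantics complete all earlier accesses first. */
void demo_read_unlock(demo_rwlock_t *l)
{
    atomic_fetch_sub_explicit(&l->cnts, 1, memory_order_release);
}

void demo_write_unlock(demo_rwlock_t *l)
{
    atomic_fetch_sub_explicit(&l->cnts, WRITER, memory_order_release);
}

int main(void)
{
    demo_rwlock_t l = { 0 };
    bool r = demo_read_trylock(&l), w = demo_write_trylock(&l);
    printf("reader admitted: %d, writer admitted meanwhile: %d\n", r, w);
    demo_read_unlock(&l);
    return 0;
}
```

Single-threaded, both unlock forms update the counter identically; the difference is only in which reorderings the compiler and a weakly ordered CPU are permitted to perform around the unlock.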
Recommendations
For Xen versions through 4.13.x, consider disabling the use of read-write unlock paths in hypercalls, such as grant-table ones, until a patch is available. Restrict access to the XENMAPSPACE grant table to minimize the risk of exploitation. Avoid using concurrent access to the grant table to prevent potential memory leaks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Race Condition
Affected Products
Linuxmint
Suse
Ubuntu
Xen