CVE-2020-15563

Name of the Vulnerable Software and Affected Versions Xen versions 4.8 through 4.13.x

Description An issue in Xen allows x86 HVM guest OS users to cause a hypervisor crash due to an inverted conditional in the dirty video RAM tracking code. This enables malicious or buggy HVM guests to make Xen de-reference a pointer guaranteed to point at unmapped space, resulting in a Denial of Service (DoS) affecting the entire host. The vulnerability can only be leveraged by x86 HVM guests using shadow paging and when there is an entity actively monitoring a guest's video frame buffer. x86 PV guests and x86 HVM guests using hardware assisted paging (HAP) are not affected.

Recommendations For Xen versions 4.8 through 4.13.x, consider disabling the shadow paging feature for x86 HVM guests as a temporary workaround until a patch is available. Restrict access to the video frame buffer to minimize the risk of exploitation. Avoid using x86 HVM guests with shadow paging until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.