PT-2020-16114 · Xen+3
Jan Beulich · Published 2020-09-23 · Updated 2024-06-15 · CVE-2020-25597
CVSS v3.1: 6.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Xen versions 4.4 through 4.14.x
Description
Xen mishandles event channel operations: the code assumes that an event channel, once valid, will not turn invalid. However, certain operations may decrease the bounds checked for validity, leading to bug checks and potential host crashes. An unprivileged guest can exploit this to cause a Denial of Service (DoS) for the entire system. The vulnerability specifically affects systems where untrusted guests can create more than the default number of event channels, which varies by architecture and guest type.
Recommendations
For Xen versions 4.4 through 4.14.x, consider restricting the number of event channels that can be created by untrusted guests to the default limit, which depends on the architecture and type of guest, to minimize the risk of exploitation.
As a temporary workaround, consider limiting the max event channels to 1023 for 32-bit x86 PV guests, and to 4095 for 64-bit x86 PV guests and all ARM guests, until a patch is available.
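An added example, not part of the original advisory and not Xen project code: a small audit of xl domain configuration text against the workaround limits above. It assumes guests are defined in xl config files that use the `max_event_channels` option and that the operator supplies the guest class; the class labels (`x86-pv-32`, `x86-pv-64`, `arm`) and the sample configs are constructed for illustration.

```python
import re

# Workaround limits as stated in the advisory text above.
# The class labels are names chosen for this example.
WORKAROUND_LIMITS = {
    "x86-pv-32": 1023,
    "x86-pv-64": 4095,
    "arm": 4095,
}

_KEY = re.compile(r"^\s*max_event_channels\s*=\s*(\S+)")


def configured_max_event_channels(cfg_text):
    """Return the last max_event_channels value set in the config, or None."""
    value = None
    for line in cfg_text.splitlines():
        line = line.split("#", 1)[0]          # drop trailing comments
        match = _KEY.match(line)
        if match:
            value = int(match.group(1).strip("'\""))
    return value


def audit(cfg_text, guest_class):
    """Return (status, configured_value, limit) for one guest config.

    status is "unset" when the option is absent (the toolstack default
    applies), "ok" when the value is within the workaround limit, and
    "over-limit" when the guest may create more event channels than that.
    """
    limit = WORKAROUND_LIMITS[guest_class]
    value = configured_max_event_channels(cfg_text)
    if value is None:
        return ("unset", None, limit)
    return ("ok" if value <= limit else "over-limit", value, limit)


# Constructed sample configs (not taken from any real deployment).
SAMPLE_RAISED = 'name = "guest-a"\nmemory = 2048\nmax_event_channels = 4096  # raised\n'
SAMPLE_CAPPED = 'name = "guest-b"\nmax_event_channels = 1023\n'
SAMPLE_UNSET = 'name = "guest-c"\nmemory = 1024\n'

if __name__ == "__main__":
    for cfg, cls in [(SAMPLE_RAISED, "x86-pv-64"), (SAMPLE_CAPPED, "x86-pv-32"),
                     (SAMPLE_UNSET, "arm")]:
        print(cls, audit(cfg, cls))
```

Guests reported as "over-limit" are the ones to cap or patch first; "unset" guests stay at the toolstack default.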
DoS
Improper Handling of Exceptional Conditions
Affected Products
Linuxmint
Suse
Ubuntu
Xen