PT-2020-6151 · Xen · Xen

Edwin Török · Published 2020-12-15 · Updated 2021-12-10 · CVE-2020-29486

CVSS v3.1: 6.0 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Xen versions prior to 4.14.x

Description

The issue is in the oxenstored process of the Xen hypervisor and involves unbounded memory allocation. Exploiting it can allow an attacker to cause a denial of service. In oxenstored, a node owner could give a node away, but node ownership has quota implications. Any guest can run another guest out of quota or create an unbounded number of nodes owned by dom0, thus running xenstored out of memory. A malicious guest administrator can cause a denial of service against a specific guest or against the whole host. All systems using oxenstored are vulnerable.

Recommendations

For Xen versions prior to 4.14.x, consider disabling the use of oxenstored as a temporary workaround until a patch is available. Restrict access to the xenstore nodes to minimize the risk of exploitation. Avoid using the oxenstored process in the upstream Xen distribution if the OCaml compiler is available, and instead use C xenstored, which is not vulnerable.

Fix

DoS

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

BDU:2021-03185
CVE-2020-29486
DSA-4812-1

Affected Products

Xen