| Max CVSS | 6.9 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-27670 | 6.9 |
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
|
07-10-2022 - 15:24 | 22-10-2020 - 21:15 | |
| CVE-2020-27674 | 4.6 |
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
|
26-04-2022 - 16:29 | 22-10-2020 - 21:15 | |
| CVE-2020-27671 | 6.9 |
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
|
26-04-2022 - 16:23 | 22-10-2020 - 21:15 | |
| CVE-2020-27672 | 6.9 |
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB
|
26-04-2022 - 16:23 | 22-10-2020 - 21:15 | |
| CVE-2020-28368 | 2.1 |
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically i
|
01-01-2022 - 18:18 | 10-11-2020 - 19:15 |