An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the basis for auditing the guest access. For the MISC_ENABLE MSR, which is an Intel specific MSR, this MSR read is performed without error handling for a #GP fault, which is the consequence of trying to read this MSR on non-Intel hardware. A buggy or malicious PV guest administrator can crash Xen, resulting in a host Denial of Service. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only Xen versions 4.11 and onwards are vulnerable. 4.10 and earlier are not vulnerable. Only x86 systems that do not implement the MISC_ENABLE MSR (0x1a0) are vulnerable. AMD and Hygon systems do not implement this MSR and are vulnerable. Intel systems do implement this MSR and are not vulnerable. Other manufacturers have not been checked. Only x86 PV guests can exploit the vulnerability. x86 HVM/PVH guests cannot exploit the vulnerability.
This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 6.0, requiring local system access to exploit with relatively low complexity without requiring user interaction . The vulnerability impacts and availability (service disruption) for affected systems. Impacting 4 products from xen, from fedoraproject, from debian and 1 other, organizations running these solutions should prioritize assessment and patching.
Reported in 2020, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.
2020-09-23T22:15:13.790
2024-11-21T05:18:12.690
Modified
CVSSv3.1: 6.0 (MEDIUM)
AV:L/AC:L/Au:S/C:N/I:N/A:C
3.1
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | xen | xen | ≤ 4.14.0 | Yes |
| Operating System | fedoraproject | fedora | 31 | Yes |
| Operating System | fedoraproject | fedora | 32 | Yes |
| Operating System | fedoraproject | fedora | 33 | Yes |
| Operating System | debian | debian_linux | 10.0 | Yes |
| Operating System | opensuse | leap | 15.2 | Yes |
SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For xen's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.