vulnerability
Ubuntu: (Multiple Advisories) (CVE-2020-11740): Xen vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Apr 14, 2020 | Sep 20, 2022 | Aug 18, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Apr 14, 2020
Added
Sep 20, 2022
Modified
Aug 18, 2025
Description
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been enabled for those guests. These buffers were not scrubbed.
Solutions
ubuntu-upgrade-libxendevicemodel1ubuntu-upgrade-libxenevtchn1ubuntu-upgrade-libxengnttab1ubuntu-upgrade-libxenmisc4-11ubuntu-upgrade-xen-hypervisor-4-11-amd64ubuntu-upgrade-xen-hypervisor-4-11-arm64ubuntu-upgrade-xen-hypervisor-4-11-armhfubuntu-upgrade-xen-utils-4-11ubuntu-upgrade-xen-utils-commonubuntu-upgrade-xenstore-utils
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.