CVE-2020-29568

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-29568
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-29568.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-29568
Related
Published
2020-12-15T17:15:14Z
Modified
2024-09-11T04:39:25.911473Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.

References

Affected packages

Alpine:v3.13 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.13 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.14 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.14 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.15 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.15 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.16 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.16 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.17 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.17 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.18 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.18 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.19 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.19 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.20 / linux-lts

Package

Name
linux-lts
Purl
pkg:apk/alpine/linux-lts?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.4-r0

Affected versions

5.*

5.4.0-r1
5.4.0-r2
5.4.0-r3
5.4.1-r0
5.4.2-r0
5.4.3-r0
5.4.4-r0
5.4.4-r1
5.4.5-r0
5.4.6-r0
5.4.7-r0
5.4.8-r0
5.4.10-r0
5.4.11-r0
5.4.12-r0
5.4.12-r1
5.4.13-r1
5.4.14-r0
5.4.16-r0
5.4.17-r0
5.4.18-r0
5.4.20-r0
5.4.20-r1
5.4.21-r0
5.4.22-r0
5.4.23-r0
5.4.23-r1
5.4.24-r1
5.4.25-r0
5.4.26-r0
5.4.27-r0
5.4.28-r0
5.4.29-r0
5.4.30-r0
5.4.31-r0
5.4.32-r0
5.4.33-r0
5.4.34-r0
5.4.35-r0
5.4.36-r0
5.4.38-r0
5.4.39-r0
5.4.40-r0
5.4.41-r0
5.4.42-r0
5.4.42-r1
5.4.43-r0
5.4.43-r1
5.4.44-r0
5.4.45-r0
5.4.46-r0
5.4.46-r1
5.4.47-r0
5.4.47-r1
5.4.48-r0
5.4.49-r0
5.4.50-r0
5.4.51-r0
5.4.52-r0
5.4.53-r0
5.4.54-r0
5.4.54-r1
5.4.54-r2
5.4.55-r0
5.4.57-r0
5.4.57-r1
5.4.58-r0
5.4.59-r0
5.4.60-r0
5.4.61-r0
5.4.61-r1
5.4.62-r0
5.4.63-r0
5.4.64-r0
5.4.65-r0
5.4.66-r0
5.4.67-r0
5.4.68-r0
5.4.69-r0
5.4.70-r0
5.4.71-r0
5.4.72-r0
5.4.73-r0
5.4.74-r0
5.4.75-r0
5.4.77-r0
5.4.78-r0
5.4.79-r0
5.4.80-r0
5.4.81-r0
5.4.82-r0
5.10.0-r0
5.10.1-r0
5.10.1-r1
5.10.2-r0
5.10.3-r0

Alpine:v3.20 / xen

Package

Name
xen
Purl
pkg:apk/alpine/xen?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.15-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}