CVE-2020-29568

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-29568

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-29568.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-29568

Downstream

ALPINE-CVE-2020-29568

DEBIAN-CVE-2020-29568

DLA-2557-1

DLA-2586-1

DSA-4843-1

OESA-2021-1086

OESA-2021-1087

SUSE-SU-2021:0347-1

SUSE-SU-2021:0348-1

SUSE-SU-2021:0353-1

SUSE-SU-2021:0354-1

SUSE-SU-2021:0427-1

SUSE-SU-2021:0433-1

SUSE-SU-2021:0434-1

SUSE-SU-2021:0437-1

SUSE-SU-2021:0438-1

SUSE-SU-2021:0452-1

SUSE-SU-2021:0532-1

UBUNTU-CVE-2020-29568

USN-4748-1

USN-4749-1

USN-4750-1

USN-4751-1

openSUSE-SU-2021:0075-1

openSUSE-SU-2021:0241-1

Related

Published

2020-12-15T17:15:14Z

Modified

2025-08-09T20:01:26Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.

References

Affected packages