How severe is CVE-2020-11739?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2020-11739?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2020-11739

HIGH Year: 2020

CVSS v3 Score

7.8

High

CVSS v2 Score

6.9

Medium

Weakness Type

CWE-362

View all →

Vulnerability Description

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier. On Arm, this means a processor is allowed to re-order the memory access with the preceding ones. In other words, the unlock may be seen by another processor before all the memory accesses within the "critical" section. As a consequence, it may be possible to have a writer executing a critical section at the same time as readers or another writer. In other words, many of the assumptions (e.g., a variable cannot be modified after a check) in the critical sections are not safe anymore. The read-write locks are used in hypercalls (such as grant-table ones), so a malicious guest could exploit the race. For instance, there is a small window where Xen can leak memory if XENMAPSPACE_grant_table is used concurrently. A malicious guest may be able to leak memory, or cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded.

CVE-2014-9914

HIGH

CVSS:7.8(High)

Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by l...

CWE-3622014

CVE-2016-3914

HIGH

CVSS:7.8(High)

Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attacke...

CWE-3622016

CVE-2016-7911

HIGH

CVSS:7.8(High)

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted iopr...

CWE-3622016

CVE-2016-8655

HIGH

CVSS:7.8(High)

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability...

CWE-3622016

CVE-2016-9038

HIGH

CVSS:7.8(High)

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corr...

CWE-3622016

CVE-2016-9794

HIGH

CVSS:7.8(High)

Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or p...

CWE-3622016

CVE-2020-11739

Vulnerability Description

Related Vulnerabilities

CVE-2014-9914

CVE-2016-3914

CVE-2016-7911

CVE-2016-8655

CVE-2016-9038

CVE-2016-9794