How severe is CVE-2020-29567?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.2 out of 10.

What type of vulnerability is CVE-2020-29567?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2020-29567 - MEDIUM Severity | CVSS 6.2

Vulnerability Description

An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checked, the checking CPU may send an interrupt to itself, in the expectation that this IRQ will be delivered only after the condition preventing the cleanup has cleared. For two specific IRQ vectors, this expectation was violated, resulting in a continuous stream of self-interrupts, which renders the CPU effectively unusable. A domain with a passed through PCI device can cause lockup of a physical CPU, resulting in a Denial of Service (DoS) to the entire host. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only guests with physical PCI devices passed through to them can exploit the vulnerability.

Related Vulnerabilities

CVE-2020-29570

MEDIUM

CVSS:6.2(Medium)

An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing t...

CWE-7702020

CVE-2022-34308

MEDIUM

CVSS:6.2(Medium)

IBM CICS TX 11.1 could allow a local user to cause a denial of service due to improper load handling. IBM X-Force ID: 229437.

CWE-7702022

CVE-2024-31314

MEDIUM

CVSS:6.2(Medium)

In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed....

CWE-7702024

CVE-2024-43083

MEDIUM

CVSS:6.2(Medium)

In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privile...

CWE-7702024

CVE-2024-47969

MEDIUM

CVSS:6.2(Medium)

Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.

CWE-7702024

CVE-2022-4723

MEDIUM

CVSS:6.3(Medium)

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5.

CWE-7702022