NULL pointer dereference in xen (Alpine package)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-29484 |
| CWE-ID | CWE-476 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
IBM Systems Director Server applications / Other server solutions xen (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor |
IBM Corporation Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) NULL pointer dereference
EUVDB-ID: #VU49134
Risk: Medium
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:U/U:Green]
CVE-ID: CVE-2020-29484
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via Xenstore messages, consisting of a message header and the payload. The payload length is limited to 4096 bytes. Any request to xenstored resulting in a response with a payload longer than 4096 bytes will result in an error. When registering a watch, the payload length limit applies to the combined length of the watched path and the specified tag. Because watches for a specific path are also triggered for all nodes below that path, the payload of a watch event message can be longer than the payload needed to register the watch. A malicious guest that registers a watch using a very large tag (i.e., with a registration operation payload length close to the 4096 byte limit) can cause the generation of watch events with a payload length larger than 4096 bytes, by writing to Xenstore entries below the watched path. This will result in an error condition in xenstored. This error can result in a NULL pointer dereference, leading to a crash of xenstored. A malicious guest administrator can cause xenstored to crash, leading to a denial of service. Following a xenstored crash, domains may continue to run, but management operations will be impossible. Only C xenstored is affected, oxenstored is not affected.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Systems Director: 6.3.2.2
xen (Alpine package): 1.42
xen (Alpine package): 1.1.7-0ubuntu1 - 1.2.3-0ubuntu2.7
xen (Alpine package): 3.0.8-1 - 3.0.13-1
xen (Alpine package): 2:1.3.2-2ubuntu0.1
xen (Alpine package): 1:6.2.3-5
xen (Alpine package): 0.11-4
xen (Alpine package): 3.2.21-1
xen (Alpine package): 1.88-1
xen (Alpine package): 0.2.3.2-1
xen (Alpine package): 0.101 - 0.102ubuntu1
xen (Alpine package): 0.1.0-0ubuntu1 - 0.1.5-0ubuntu1
xen (Alpine package): 3.1-1 - 3.1-2
xen (Alpine package): 1.3.1-1 - 1.3.1-2
xen (Alpine package): 3.1-1
xen (Alpine package): 0.18.1.1-9ubuntu1
xen (Alpine package): 4.63-15
xen (Alpine package): 3.1.6.1-1
xen (Alpine package): 2.55-2 - 2.72-1
xen (Alpine package): 2.2.0.3-2ubuntu5
xen (Alpine package): 3.5.11.2003.06.04-3
xen (Alpine package): 5.4-2ubuntu1
xen (Alpine package): 5.4b-1
xen (Alpine package): 0.15
xen (Alpine package): 0.18ubuntu0.2 - 0.32
xen (Alpine package): 0.3.6.0amd12 - 1.12.9
xen (Alpine package): 1.9.9-3 - 1.9.10-1
xen (Alpine package): 0.48-4
xen (Alpine package): 0.9b-20040421-1 - 1.1-20120215-2
xen (Alpine package): 0.16 - 0.35
xen (Alpine package): 0.2 - 0.9
xen (Alpine package): 0.4
xen (Alpine package): 2.5.3 - 2.17.5ubuntu1
xen (Alpine package): 3.4.0-1
xen (Alpine package): 0.14-1 - 0.15-2
xen (Alpine package): 2014.1-3
xen (Alpine package): 24.0-0ubuntu1
xen (Alpine package): 0.5.2-0ubuntu1 - 1.2.5ubuntu1daily13.06.14-0ubuntu1
xen (Alpine package): 3.0-0ubuntu1
xen (Alpine package): 1.5.2 - 1.6.2
xen (Alpine package): 0.1.8 - 1.0.75
xen (Alpine package): 1.20.0 - 2.18.2
xen (Alpine package): 20081029ubuntu63 - 20101020ubuntu468
xen (Alpine package): 0.74 - 9.20160115
xen (Alpine package): 0.2.12 - 1.5.49
xen (Alpine package): 1.8.8-2ubuntu1
xen (Alpine package): 0.2.8-8 - 0.2.11-1
xen (Alpine package): 0.3 - 1.8.42
xen (Alpine package): 5.3.28-3 - 5.3.28-4
xen (Alpine package): 1.5
xen (Alpine package): 0.4.5 - 0.5.8-2.2
xen (Alpine package): 0.2.11-1build1
xen (Alpine package): 0.63
xen (Alpine package): 0.3.1-0ubuntu1 - 0.10.0-3
xen (Alpine package): 0.13-1 - 0.22.1-2
xen (Alpine package): 2.1.0-2 - 2.1.26.dfsg1-14
xen (Alpine package): 0.5.16-3.5ubuntu1 - 0.5.17-6
xen (Alpine package): 1.3-1 - 1.3-3
xen (Alpine package): 5.11-1 - 7.35.0-1
xen (Alpine package): 1.3.9-17 - 2.0.3-2
xen (Alpine package): 0.1.2-1 - 0.2.6-1ubuntu1
xen (Alpine package): 1.0.47-2 - 1.0.64-0ubuntu1
xen (Alpine package): 2.1-3-dfsg-1 - 2.1-3-dfsg-2
xen (Alpine package): 0.100-3
xen (Alpine package): 2:1.0.6-2ubuntu7 - 2:1.6.4-1
xen (Alpine package): 0.8 - 9ubuntu2
xen (Alpine package): 3.0pl1-50 - 3.0pl1-119
xen (Alpine package): 1.0.0-0ubuntu1 - 1.0.0-0ubuntu2
xen (Alpine package): expression - 7.1.1-1
xen (Alpine package): 2.8.13-7 - 2.8.13-10
xen (Alpine package): 2.4.2-16 - 2.7-1
xen (Alpine package): 0.92-0ubuntu3 - 0.98-1
xen (Alpine package): 4.5.7-1 - 8.20-3ubuntu4
xen (Alpine package): 0.2.10-3 - 0.4.6-3
xen (Alpine package): 1.5 - 1.141
xen (Alpine package): 1:0.8.6-0ubuntu4 - 1:0.9.7.6-0ubuntu2
xen (Alpine package): 0.3ubuntu7 - 0.3ubuntu15.2
xen (Alpine package): 1.2.12-1ubuntu1 - 1.2.12-1
xen (Alpine package): 0.7-svn20050721 - 1.4.29-1
xen (Alpine package): 2.8.12.1-1.6 - 3.9.0-1
xen (Alpine package): 1.0.5-2 - 1.0.8-3
xen (Alpine package): 0.25-0ubuntu1 - 0.25-0ubuntu3
xen (Alpine package): 0.9-0ubuntu1 - 0.12-0ubuntu1
xen (Alpine package): 1.4.4
xen (Alpine package): 2.2.15-1
xen (Alpine package): 1.4.2
xen (Alpine package): 4.8.9
xen (Alpine package): 3.0.4
xen (Alpine package): 2.1.0
xen (Alpine package): 1.4.17
xen (Alpine package): 2.2.0b2
xen (Alpine package): r12.0 nil
xen (Alpine package): 3.0
xen (Alpine package):
xen (Alpine package): before 4.14.1-r0
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_systems_director:6.3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.42:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.1.7-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.2.0-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.2.1-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0.8-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0.13-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2:1.3.2-2ubuntu0.1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1:6.2.3-5:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.11-4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.2.21-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.88-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2.3.2-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.101:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.1.0-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.1-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.3.1-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.1-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.18.1.1-9ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:4.63-15:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.1.6.1-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.55-2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.2.0.3-2ubuntu5:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.5.11.2003.06.04-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:5.4-2ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:5.4b-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.15:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.18ubuntu0.2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.3.6.0amd12:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.9.9-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.48-4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.9b-20040421-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.16:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.5.3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.4.0-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.14-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2014.1-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:24.0-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.5.2-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.5.2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.1.8:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.20.0:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:20081029ubuntu63:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.74:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2.12:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.8.8-2ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2.8-8:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:5.3.28-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.5:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.4.5:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2.11-1build1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.63:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.3.1-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.13-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.1.0-2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.5.16-3.5ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.3-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:5.11-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.3.9-17:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.1.2-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.0.47-2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.1-3-dfsg-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.100-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2:1.0.6-2ubuntu7:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.8:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0pl1-50:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.0.0-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:expression:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.8.13-7:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.4.2-16:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.92-0ubuntu3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:4.5.7-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.2.10-3:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.5:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1:0.8.6-0ubuntu4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.3ubuntu7:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.2.12-1ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.7-svn20050721:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.8.12.1-1.6:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.0.5-2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.25-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:0.9-0ubuntu1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.4.4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.2.15-1:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.4.2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:4.8.9:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0.4:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.1.0:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:1.4.17:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:2.2.0b2:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:r12.0 nil:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:3.0:*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package::*:*:*:*:alpine_linux:*:*
- cpe:2.3:a:alpine:xen_alpine_package:*:*:*:*:*:alpine_linux:*:3.12
https://git.alpinelinux.org/aports/commit/?id=1f5fe5eb0e0bb4588f6b1b8b4e1563293acbb087
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
