CVE-2019-19580: Race Condition
First published: Wed Dec 11 2019(Updated: )
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed several critical issues in restartable PV type change operations. Despite extensive testing and auditing, some corner cases were missed. A malicious PV guest administrator may be able to escalate their privilege to that of the host. All security-supported versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Note that these attacks require very precise timing, which may be difficult to exploit in practice.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/xen | 4.11.4+107-gef32c7afa2-1 4.14.6-1 4.14.5+94-ge49571868d-1 4.17.2+76-ge1f9cb16e2-1~deb12u1 4.17.2+76-ge1f9cb16e2-1 | |
| Xen xen-unstable | <=4.12.1 | |
| Fedora | =31 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00011.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/
- https://seclists.org/bugtraq/2020/Jan/21
- https://security.gentoo.org/glsa/202003-56
- https://www.debian.org/security/2020/dsa-4602
- https://xenbits.xen.org/xsa/advisory-310.html
- https://security-tracker.debian.org/tracker/CVE-2019-19580
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/
Frequently Asked Questions
What is the severity of CVE-2019-19580?
CVE-2019-19580 has a critical severity rating due to its potential to allow x86 PV guest OS users to gain host OS privileges.
How do I fix CVE-2019-19580?
To fix CVE-2019-19580, upgrade to a version of Xen that is later than 4.12.1 or apply relevant security patches provided by your Linux distribution.
Who is affected by CVE-2019-19580?
CVE-2019-19580 affects users of Xen versions up to and including 4.12.1 on x86 PV guest operating systems.
What are the consequences of exploiting CVE-2019-19580?
Exploitation of CVE-2019-19580 can lead to unauthorized access to the host operating system, compromising the integrity and security of the system.
Is CVE-2019-19580 related to other vulnerabilities?
Yes, CVE-2019-19580 is related to an incomplete fix for CVE-2019-18421, which also involves race conditions in Xen.
- collector/security-tracker-debian
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/xen
- canonical/xen xen-unstable
- version/xen xen-unstable/4.12.1
- vendor/fedoraproject
- canonical/fedora
- version/fedora/31