Xen: Buffer overflow

Xen: Buffer overflow A buffer overflow in Xen might allow remote attacker(s) to execute arbitrary code. xen 2020-09-29 2020-09-29 738040 local, remote 4.13.1-r3 4.13.1-r3 4.13.1-r3 4.13.1-r3

Xen is a bare-metal hypervisor.

An out-of-bounds read/write access issue was found in the USB emulator when using QEMU.

A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All Xen users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.13.1-r3"

All Xen tools users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=app-emulation/xen-tools-4.13.1-r3"

CVE-2020-14364 XSA-335 sam_c sam_c