Denial of Service Vulnerability in Xen XAPI Toolstack by Xen Project
CVE-2020-29487
7.5HIGH
What is CVE-2020-29487?
A vulnerability in the Xen XAPI toolstack prior to December 15, 2020, allows a malicious guest to manipulate certain xenstore keys, leading to significant performance degradation. The watching logic in xenopsd could trigger extensive RPC updates, causing an exponential increase in resource consumption. With inadequate quotas in the xenopsd system and a substantial allowed memory usage, an attacker can exploit this vulnerability to monopolize memory in dom0, resulting in a denial of service for the host. This flaw can severely impact system stability, potentially leading to thrashing against swap space or complete out-of-memory conditions.