CVE-2020-27674

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-27674
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27674.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-27674
Downstream
Related
Published
2020-10-22T21:15:14.077Z
Modified
2026-02-14T00:47:12.685582Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

References

Affected packages

Git / github.com/sleuthkit/sleuthkit

Affected ranges

Type
GIT
Repo
https://github.com/sleuthkit/sleuthkit
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c6efd66293546b9c95637be703c7c7823e950629

Affected versions

Other
VisualStudio_2010
ct-3.*
ct-3.10.0
ct-3.11.0
ct-3.12.0
ct-3.13.0
ct-3.5.0
ct-3.6.0
ct-3.8.0
ct-3.9.0
sleuthkit-4.*
sleuthkit-4.0.0
sleuthkit-4.0.0b1
sleuthkit-4.0.1
sleuthkit-4.0.2
sleuthkit-4.1.0
sleuthkit-4.1.1
sleuthkit-4.1.2
sleuthkit-4.1.3
sleuthkit-4.10.0
sleuthkit-4.10.1
sleuthkit-4.10.2
sleuthkit-4.11.0
sleuthkit-4.11.1
sleuthkit-4.12.0
sleuthkit-4.12.1
sleuthkit-4.14.0
sleuthkit-4.2.0
sleuthkit-4.3.1
sleuthkit-4.4.0
sleuthkit-4.4.1
sleuthkit-4.4.2
sleuthkit-4.5.0
sleuthkit-4.6.0
sleuthkit-4.6.1
sleuthkit-4.6.2
sleuthkit-4.6.3
sleuthkit-4.6.4
sleuthkit-4.6.5
sleuthkit-4.6.6
sleuthkit-4.6.7
sleuthkit-4.7.0
sleuthkit-4.8.0
sleuthkit-4.8.0-fixed
sleuthkit-4.9.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27674.json"