Acknowledged
Created: Oct 22, 2020
Updated: Nov 4, 2020
Found In Version: 8.0.0.1
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.
CREATE(Triage):(User=admin) [CVE-2020-27675|https://nvd.nist.gov/vuln/detail/CVE-2020-27675]
