CVE-2020-15687 - Vulnerability Details - OpenCVE

Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linuxfoundation	Acrn

Configuration 1 [-]

OR	cpe:2.3:o:linuxfoundation:acrn:1.6.1:::::::*
	cpe:2.3:o:linuxfoundation:acrn:2.0:::::::*

No data.

References

Link	Providers
https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1
https://projectacrn.github.io/latest/
https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-08-31T15:39:24

Updated: 2024-08-04T13:22:30.722Z

Reserved: 2020-07-13T00:00:00

Link: CVE-2020-15687

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-08-31T16:15:14.897

Modified: 2024-11-21T05:06:00.930

Link: CVE-2020-15687

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-31T15:39:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://projectacrn.github.io/latest/"}, {"tags": ["x_refsource_MISC"], "url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"}, {"tags": ["x_refsource_MISC"], "url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15687", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://projectacrn.github.io/latest/", "refsource": "MISC", "url": "https://projectacrn.github.io/latest/"}, {"name": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html", "refsource": "MISC", "url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"}, {"name": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1", "refsource": "MISC", "url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:30.722Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://projectacrn.github.io/latest/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15687", "datePublished": "2020-08-31T15:39:24", "dateReserved": "2020-07-13T00:00:00", "dateUpdated": "2024-08-04T13:22:30.722Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linuxfoundation:acrn:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "850138C2-B1B6-4C61-A646-3021B83A2B64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linuxfoundation:acrn:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A5B5CE9-4F67-4327-96DA-137B2693681B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime."}, {"lang": "es", "value": "Una falta de restricciones del control de acceso en el componente Hypervisor del CRN Project (versiones v2.0 y v1.6.1), permite a una entidad maliciosa con acceso root en el espacio de usuario de Service VM, abusar de las Hypercalls de asignaci\u00f3n y desasignaci\u00f3n de PCIe por medio de ioctls y cargas \u00fatiles dise\u00f1adas. Este ataque resulta en un estado corrupto y una Denegaci\u00f3n de Servicio (DoS) para dispositivos PCIe asignados previamente a la Service VM en tiempo de ejecuci\u00f3n"}], "id": "CVE-2020-15687", "lastModified": "2024-11-21T05:06:00.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-08-31T16:15:14.897", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/latest/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/2.1/asa.html#addressed-in-acrn-v2-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/latest/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://projectacrn.github.io/latest/developer-guides/hld/split-dm.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}