Security Advisory

CVE-2020-15687

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-31 15:39:24

Last updated 2024-08-04 13:22:30

Assigner mitre

State PUBLISHED

Description

Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime.

← Browse all CVEs View on cve.org ↗