CVE-2021-28039 vulnerability in Linux and Other Products
Published on March 5, 2021

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has CONFIG_XEN_UNPOPULATED_ALLOC but not CONFIG_XEN_BALLOON_MEMORY_HOTPLUG.

NVD

Products Associated with CVE-2021-28039

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-28039 are published in these products:

Linux Kernel

Citrix Xen Xen

NetApp Cloud Backup

NetApp Solidfire Baseboard Management Controller Firmware

Exploit Probability

EPSS

0.14%

Percentile

34.05%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-28039 vulnerability in Linux and Other ProductsPublished on March 5, 2021

Products Associated with CVE-2021-28039

Exploit Probability

CVE-2021-28039 vulnerability in Linux and Other Products
Published on March 5, 2021