CVE-2020-0909

Summary

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to properly handle these network packets., aka 'Windows Hyper-V Denial of Service Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows10 Version 1803 for x64-based Systemsaffected
MicrosoftWindows10 Version 1809 for x64-based Systemsaffected
MicrosoftWindows10 Version 1709 for x64-based Systemsaffected
MicrosoftWindows10 for x64-based Systemsaffected
MicrosoftWindows10 Version 1607 for x64-based Systemsaffected
MicrosoftWindows7 for x64-based Systems Service Pack 1affected
MicrosoftWindows8.1 for x64-based systemsaffected
MicrosoftWindows Serverversion 1803 (Core Installation)affected
MicrosoftWindows Server2019affected
MicrosoftWindows Server2019 (Core installation)affected
MicrosoftWindows Server2016affected
MicrosoftWindows Server2016 (Core installation)affected
MicrosoftWindows Server2008 for x64-based Systems Service Pack 2affected
MicrosoftWindows Server2008 for x64-based Systems Service Pack 2 (Core installation)affected
MicrosoftWindows Server2008 R2 for x64-based Systems Service Pack 1affected
MicrosoftWindows Server2008 R2 for x64-based Systems Service Pack 1 (Core installation)affected
MicrosoftWindows Server2012affected
MicrosoftWindows Server2012 (Core installation)affected
MicrosoftWindows Server2012 R2affected
MicrosoftWindows Server2012 R2 (Core installation)affected
MicrosoftWindows 10 Version 1903 for x64-based Systemsunspecifiedaffected
MicrosoftWindows Server, version 1903 (Server Core installation)unspecifiedaffected
MicrosoftWindows 10 Version 1909 for x64-based Systemsunspecifiedaffected
MicrosoftWindows Server, version 1909 (Server Core installation)unspecifiedaffected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References