CVE-2018-19962

Опубликовано: 08 дек. 2018

Источник: debian

EPSS Низкий

Описание

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
xen	fixed	4.11.1-1		package

Примечания

https://xenbits.xen.org/xsa/advisory-275.txt

EPSS

Процентиль: 40%

0.00181

Низкий

Связанные уязвимости

CVE-2018-19962

CVSS3: 7.8

ubuntu

около 7 лет назад

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

CVE-2018-19962

CVSS3: 8.1

redhat

около 7 лет назад

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

CVE-2018-19962

CVSS3: 7.8

nvd

около 7 лет назад

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

GHSA-2hh5-jxwx-3pwr

CVSS3: 7.8

github

больше 3 лет назад

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.

BDU:2019-01306

CVSS3: 7.8

fstec

около 7 лет назад

Уязвимость гипервизора Xen, связанная с небезопасным объединением небольших IOMMU с более крупными, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 40%

0.00181

Низкий