Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-19965

Опубликовано: 08 дек. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.7
CVSS3: 5.6

Описание

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

4.11.1-1
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

not-affected

4.11.1-1
esm-apps/jammy

not-affected

4.11.1-1
esm-apps/noble

not-affected

4.11.1-1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/bionic

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%
0.0018
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-19965

CVSS3: 5.9
redhat
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.

nvd логотип

CVE-2018-19965

CVSS3: 5.6
nvd
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.

debian логотип

CVE-2018-19965

CVSS3: 5.6
debian
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest ...

github логотип

GHSA-c3g2-qp55-6gjf

CVSS3: 5.6
github
больше 3 лет назад

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.

fstec логотип

BDU:2019-01307

CVSS3: 5.6
fstec
около 7 лет назад

Уязвимость гипервизора Xen, связанная с недостаточной обработкой данных при передаче адреса в код сброса TLB, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 40%
0.0018
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3