Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-19966

Опубликовано: 08 дек. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 8.8

Описание

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

4.11.1-1
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

not-affected

4.11.1-1
esm-apps/jammy

not-affected

4.11.1-1
esm-apps/noble

not-affected

4.11.1-1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
esm-infra/bionic

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 32%
0.00123
Низкий

7.2 High

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-19966

CVSS3: 5.1
redhat
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.

nvd логотип

CVE-2018-19966

CVSS3: 8.8
nvd
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.

debian логотип

CVE-2018-19966

CVSS3: 8.8
debian
около 7 лет назад

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...

github логотип

GHSA-3635-87f7-gfgj

CVSS3: 8.8
github
больше 3 лет назад

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.

fstec логотип

BDU:2019-00953

CVSS3: 8.8
fstec
около 7 лет назад

Уязвимость интерпретации структуры данных union гипервизора Xen, связанная с теневой подкачкой данных, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии в системе

EPSS

Процентиль: 32%
0.00123
Низкий

7.2 High

CVSS2

8.8 High

CVSS3