An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html | |
http://www.securityfocus.com/bid/106182 | Third Party Advisory VDB Entry |
https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/ | |
https://support.citrix.com/article/CTX239432 | Third Party Advisory |
https://www.debian.org/security/2019/dsa-4369 | Third Party Advisory |
https://xenbits.xen.org/xsa/advisory-275.html | Vendor Advisory Patch |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 02:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-12-08 04:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-19962
Mitre link : CVE-2018-19962
CVE.ORG link : CVE-2018-19962
JSON object : View
Products Affected
debian
- debian_linux
citrix
- xenserver
xen
- xen
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor