CVE-2018-19961
HIGH7.8EPSS 0.18%xen - security update
發布日:2018/12/8修改日:2025/12/3
也稱為:ALPINE-CVE-2018-19961DEBIAN-CVE-2018-19961
描述
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
受影響套件(4)
- Alpine/xenfrom 0, < 4.11.1-r0
- Debian/xenfrom 0, < 4.11.1-1
- Debian/xenfrom 0, < 4.4.4lts5-0+deb8u1
- Debian/xenfrom 0, < 4.8.5+shim4.10.2+xsa282-1+deb9u11
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |