CVE-2018-19961 — Incomplete Cleanup in XEN

CWE-459 — Incomplete Cleanup CWE-212 — Improper Removal of Sensitive Information Before Storage or Transfer7 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.2%

top 60.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Citrix Xenserver Debian Linux

Timeline

PublishedDec 8

Latest updateMay 13

Description

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages3 packages

▶Debianxen/xen< 4.11.1-1+3

▶NVDxen/xen4.11.1

▶NVDcitrix/xenserver4 versions+3

Also affects: Debian Linux 9.0

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-qwxp-946x-p86v: An issue was discovered in Xen through 4↗2022-05-13

▶

CVEList

CVE-2018-19961: An issue was discovered in Xen through 4↗2018-12-08

▶

OSV

CVE-2018-19961: An issue was discovered in Xen through 4↗2018-12-08

▶

📋Vendor Advisories

Red Hat

xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs↗2018-11-20

▶

Debian

CVE-2018-19961: xen - An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly all...↗2018

▶

💬Community

Bugzilla

CVE-2018-19961 CVE-2018-19962 xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs↗2018-11-07

▶