CVE-2018-19965
published 2018-12-08CVE-2018-19965: An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a…
medium5.6CVSS 3.0
AVLACHPRLUINSCCNINAH
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| debian | debian_linux | — | — |
| debian | xen | < xen 4.11.1-1 (bookworm) | xen 4.11.1-1 (bookworm) |
| xen | xen | <= 4.11.1 | — |
| xen | xen | >= 0 < 4.11.1-1 | 4.11.1-1 |
| xen | xen | >= 0 < 4.11.1-1 | 4.11.1-1 |
| xen | xen | >= 0 < 4.11.1-1 | 4.11.1-1 |
| xen | xen | >= 0 < 4.11.1-1 | 4.11.1-1 |
CVSS provenance
nvdv3.05.6MEDIUMCVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
osv5.6MEDIUM