PT-2018-2670 · Amd+1 · Xen+1

Paul Durrant

Publicado

2018-12-07

Atualizado

2024-06-15

CVE-2018-19961

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.12

Description An issue in Xen on AMD x86 platforms may allow guest OS users to gain host OS privileges due to TLB flushes not always occurring after IOMMU mapping changes. The vulnerability is related to an incorrect TLB flush after IOMMU mapping changes, which can be exploited to elevate privileges.

Recommendations For Xen versions prior to 4.12, update to version 4.12 or later to resolve the issue. As a temporary workaround, consider implementing additional access controls to minimize the risk of privilege escalation. Restrict access to sensitive resources and limit the privileges of guest OS users to reduce the potential impact of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-459

Identificadores relacionados

BDU:2019-01305

CVE-2018-19961

DLA-1949-1

DSA-4369-1

OPENSUSE-SU-2018_4111-1

OPENSUSE-SU-2018_4304-1

OPENSUSE-SU-2019_1226-1

OPENSUSE-SU-2024:11520-1

SUSE-SU-2018:4070-1

SUSE-SU-2018:4300-1

SUSE-SU-2019:0003-1

SUSE-SU-2019:0020-1

SUSE-SU-2019:0825-1

SUSE-SU-2019:0827-1

SUSE-SU-2019:13921-1

SUSE-SU-2019:14011-1

Produtos afetados

Suse

Xen

PT-2018-2670 · Amd+1 · Xen+1

CVE-2018-19961

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 178