CVE-2019-18425

🗓️ 31 Oct 2019 13:39:17Reported by mitreType

An issue in Xen 4.12.x allows 32-bit PV guest OS users to gain privileges by exploiting missing descriptor table limit checking in x86 PV emulation

Reporter	Title	Published	Views	Family All 92
Circl	CVE-2019-18425	1 Feb 202410:12	–	circl
Citrix	Citrix Hypervisor Security Update	31 Oct 201904:00	–	citrix
Cvelist	CVE-2019-18425	31 Oct 201913:39	–	cvelist
Debian	[SECURITY] [DSA 4602-1] xen security update	13 Jan 202022:27	–	debian
Debian CVE	CVE-2019-18425	31 Oct 201913:39	–	debiancve
Tenable Nessus	Debian DSA-4602-1 : xen - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)	15 Jan 202000:00	–	nessus
Tenable Nessus	Fedora 31 : xen (2019-376ec5c107)	20 Nov 201900:00	–	nessus
Tenable Nessus	Fedora 29 : xen (2019-865bb16900)	18 Nov 201900:00	–	nessus
Tenable Nessus	Fedora 30 : xen (2019-cbb732f760)	3 Dec 201900:00	–	nessus
Tenable Nessus	GLSA-202003-56 : Xen: Multiple vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)	27 Mar 202000:00	–	nessus

NVD

Node

xen xenRange≤4.12.1x86

Node

Node

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2019-11/msg00037.html
openwall	www.openwall.com/lists/oss-security/2019/10/31/2
security	www.security.gentoo.org/glsa/202003-56
debian	www.debian.org/security/2020/dsa-4602
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BQKX7M2RHCWDBKNPX4KEBI3MJIH6AYZ/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
xenbits	www.xenbits.xen.org/xsa/advisory-298.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
seclists	www.seclists.org/bugtraq/2020/Jan/21

21 Nov 2024 04:33Current

9.1High risk

Vulners AI Score9.1

CVSS 29.3

CVSS 3.19.8

EPSS0.04874