A potential security vulnerability in some Intel® Processors may allow denial of service.** Intel has coordinated with OS and hypervisor vendors to provide updates which will mitigate this potential vulnerability.**
CVEID: CVE-2018-12207
Description: Improper invalidation for page table updates by a virtual guest operating system for multiple Intel® Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
A list of impacted products can be found here.
To mitigate this vulnerability, operating system and hypervisor vendors will be providing software updates. Please contact your operating system vendor for additional details.
Additional Advisory Guidance on CVE-2018-12207 available here.
The following issue was found internally by Intel. Intel would like to thank Deepak Gupta.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.