A potential security vulnerability in some Intel® Processors may allow denial of service.** Intel has coordinated with OS and hypervisor vendors to provide updates which will mitigate this potential vulnerability.**

Vulnerability Details:

CVEID: CVE-2018-12207

Description: Improper invalidation for page table updates by a virtual guest operating system for multiple Intel® Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

A list of impacted products can be found here.

Recommendations:

To mitigate this vulnerability, operating system and hypervisor vendors will be providing software updates. Please contact your operating system vendor for additional details.

Additional Advisory Guidance on CVE-2018-12207 available here.

Acknowledgements:

The following issue was found internally by Intel. Intel would like to thank Deepak Gupta.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

nessus 66

cve 3

xen 1

symantec 1

osv 3

prion 3

debiancve 1

ubuntucve 2

redhatcve 2

freebsd_advisory 1

amazon 2

f5 1

veracode 1

freebsd 1

mscve 1

openvas 43

redhat 20

vmware 1

suse 6

citrix 1

oraclelinux 11

mskb 1

mageia 4

centos 2

fedora 12

virtuozzo 2

ubuntu 3

debian 3

photon 1

nessus

Amazon Linux 2 : kernel (ALAS-2019-1366)

2019-11-25 00:00:00

Xen Denial of Service vulnerability (XSA-304)

2020-03-02 00:00:00

Amazon Linux AMI : kernel (ALAS-2019-1322)

2019-11-25 00:00:00

cve

CVE-2018-12207

2019-11-14 20:15:00

CVE-2019-1391

2019-11-12 19:15:00

CVE-2019-19339

2020-01-17 19:15:00

xen

x86: Machine Check Error on Page Size Change DoS

2019-11-12 17:53:00

symantec

Multiple Intel Processors CVE-2018-12207 Denial of Service Vulnerability

2019-11-12 00:00:00

osv

CVE-2018-12207

2019-11-14 20:15:11

linux - security update

2019-11-12 00:00:00

linux-4.9 - security update

2019-11-12 00:00:00

prion

Input validation

2019-11-14 20:15:00

Denial of service

2019-11-12 19:15:00

Code injection

2020-01-17 19:15:00

debiancve

CVE-2018-12207

2019-11-14 20:15:00

ubuntucve

CVE-2018-12207

2019-11-12 00:00:00

CVE-2019-19339

2020-01-17 00:00:00

redhatcve

CVE-2018-12207

2020-04-09 10:06:17

CVE-2019-19339

2019-12-11 12:21:10

freebsd_advisory

FreeBSD-SA-19:25.mcepsc

2019-11-12 00:00:00

amazon

Important: kernel

2019-11-19 17:52:00

Important: kernel

2019-11-19 17:31:00

K17269881 : Intel MCE vulnerability CVE-2018-12207

2019-12-04 00:00:00

veracode

Denial Of Service (DoS)

2019-11-13 00:19:59

freebsd

FreeBSD -- Machine Check Exception on Page Size Change

2019-11-14 00:00:00

mscve

Windows Denial of Service Vulnerability

2019-11-12 08:00:00

openvas

Missing Linux Kernel mitigations for 'iTLB multihit' hardware vulnerabilities

2020-06-02 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:3340-1)

2021-04-19 00:00:00

openSUSE: Security Advisory for spectre-meltdown-checker (openSUSE-SU-2019:2710-1)

2020-01-09 00:00:00

redhat

(RHSA-2019:3843) Important: kernel security update

2019-11-12 20:16:37

(RHSA-2020:0026) Important: kpatch-patch security update

2020-01-06 13:40:28

(RHSA-2019:3936) Important: kpatch-patch security update

2019-11-20 20:35:20

vmware

VMware ESXi, Workstation, and Fusion patches provide Hypervisor-Specific Mitigations for Speculative-Execution Vulnerabilities (CVE-2018-12207, CVE-2019-11135)

2019-11-12 00:00:00

suse

Security update for spectre-meltdown-checker (moderate)

2019-12-31 00:00:00

Security update for qemu (important)

2019-11-14 00:00:00

Security update for qemu (important)

2019-11-14 00:00:00

citrix

Citrix Hypervisor Security Update

2019-11-12 05:00:00

oraclelinux

gcc security and bug fix update

2020-05-05 00:00:00

Unbreakable Enterprise kernel security update

2019-11-12 00:00:00

microcode_ctl security update

2019-12-04 00:00:00

mskb

November 12, 2019—KB4525245 (OS Build 15063.2172)

2019-11-12 00:00:00

mageia

Updated kernel packages fix security vulnerabilities

2019-11-20 00:16:53

Updated microcode packages fix security vulnerabilities

2019-12-26 01:57:53

Updated microcode packages fix security vulnerabilities

2019-11-20 00:16:53

centos

bpftool, kernel, perf, python security update

2019-11-14 19:41:10

kernel, perf, python security update

2019-11-14 01:19:32

fedora

[SECURITY] Fedora 30 Update: kernel-tools-5.3.11-200.fc30

2019-11-13 06:28:06

[SECURITY] Fedora 30 Update: kernel-headers-5.3.11-200.fc30

2019-11-13 06:28:06

[SECURITY] Fedora 30 Update: microcode_ctl-2.1-33.fc30

2019-11-13 06:28:06

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab141.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-11-21 00:00:00

Important kernel security update: New kernel 2.6.32-042stab141.3; Virtuozzo 6.0 Update 12 Hotfix 48 (6.0.12-3753)

2019-11-21 00:00:00

ubuntu

Linux kernel (Azure) vulnerabilities

2019-11-13 00:00:00

Linux kernel vulnerability

2019-11-13 00:00:00

Linux kernel vulnerabilities

2019-11-13 00:00:00

debian

[SECURITY] [DSA 4564-1] linux security update

2019-11-12 19:17:26

[SECURITY] [DLA 1990-1] linux-4.9 security update

2019-11-13 22:51:44

[SECURITY] [DSA 4564-1] linux security update

2019-11-12 19:17:26

photon

Critical Photon OS Security Update - PHSA-2019-3.0-0041

2019-11-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for INTEL:INTEL-SA-00210