Lucene search

CVE-2018-10472

🗓️ 27 Apr 2018 15:00:29Reported by [email protected]Type

Xen 4.10.x allows x86 HVM guest OS to read arbitrary dom0 files via QMP live CDROM insertio

Reporter	Title	Published	Views	Family All 64
CVE	CVE-2018-10472	27 Apr 201815:29	–	cve
Prion	Code injection	27 Apr 201815:29	–	prion
Xen Project	Information leak via crafted user-supplied CDROM	25 Apr 201812:00	–	xen
Tenable Nessus	Xen CDROM Image Handling Local File Disclosure Vulnerability (XSA-258)	4 May 201800:00	–	nessus
Tenable Nessus	Fedora 28 : xen (2018-dbebca30d0)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 26 : xen (2018-eb69078020)	14 May 201800:00	–	nessus
Tenable Nessus	Fedora 27 : xen (2018-604574c943)	2 May 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown)	14 May 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : xen (SUSE-SU-2018:3230-1) (Meltdown)	22 Oct 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown)	11 May 201800:00	–	nessus

Nvd

Node

xen xenRange≤4.10.1x86

Node

debian debian_linuxMatch9.0

Source	Link
debian	www.debian.org/security/2018/dsa-4201
securityfocus	www.securityfocus.com/bid/104002
xenbits	www.xenbits.xen.org/xsa/advisory-258.html
lists	www.lists.debian.org/debian-lts-announce/2018/10/msg00021.html
security	www.security.gentoo.org/glsa/201810-06

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Apr 2018 15:29Current

6.8Medium risk

Vulners AI Score6.8

CVSS21.9

CVSS35.6

EPSS0.00135

CWE-200