Published: 08/12/2018 Updated: 17/04/2019

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

An issue exists in Xen up to and including 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen
debian debian linux 9.0

Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that have deployment-dependent impacts These issues affect the following supported versions of Citrix XenServer: Citrix XenServer 76 Citrix XenServer 75 Citrix XenServer 71 LTSR CU1 Citrix XenServer 70 The following issues have been addressed: ...

CWE-20 https://xenbits.xen.org/xsa/advisory-282.html http://www.securityfocus.com/bid/106182 https://support.citrix.com/article/CTX239432 https://www.debian.org/security/2019/dsa-4369 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html https://nvd.nist.gov https://support.citrix.com/article/CTX239432

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-19967

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect