Published: 08/10/2019 Updated: 03/02/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

An issue exists in Xen up to and including 4.12.x allowing Arm domU malicious users to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen
debian debian linux 9.0
debian debian linux 10.0

Debian Bug report logs - #947944 xen: Several CVEs open for xen (CVE-2018-12207 CVE-2019-11135 CVE-2019-18420 CVE-2019-18421 CVE-2019-18422 CVE-2019-18423 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19582 CVE-2019-19583) Package: src:xen; Maintainer for src:xen is De ...

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks In addition this update provides mitigations for the TSX Asynchronous Abort speculative side channel attack For additional information please refer to xenbitsxenorg/xsa/adv ...

CWE-835 https://xenbits.xen.org/xsa/advisory-295.html http://xenbits.xen.org/xsa/advisory-295.html https://www.debian.org/security/2020/dsa-4602 https://seclists.org/bugtraq/2020/Jan/21 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947944 https://www.debian.org/security/2020/dsa-4602

CVE-2019-17349

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect