Home > Vulnerability Database > CVE-2018-12207

Mend.io Vulnerability Database

CVE-2018-12207

Date: November 14, 2019

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Severity Score

6.5

Related Resources (23)

Url: https://access.redhat.com/errata/RHSA-2019:3941

Url: https://seclists.org/bugtraq/2020/Jan/21

Url: https://usn.ubuntu.com/4186-2/

Url: https://nvd.nist.gov/vuln/detail/CVE-2018-12207

Url: http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/

Url: https://support.f5.com/csp/article/K17269881?utm_source=f5support&%3Butm_medium=RSS

Url: https://support.f5.com/csp/article/K17269881?utm_source=f5support&utm_medium=RSS

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12207

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/

Url: https://access.redhat.com/errata/RHSA-2020:0026

Url: https://access.redhat.com/errata/RHSA-2020:0028

Url: https://access.redhat.com/errata/RHSA-2020:0204

Url: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html

Url: https://security.gentoo.org/glsa/202003-56

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/

Url: https://www.debian.org/security/2020/dsa-4602

Url: https://access.redhat.com/security/cve/CVE-2018-12207

Url: https://access.redhat.com/errata/RHSA-2019:3916

Url: https://www.oracle.com/security-alerts/cpujul2020.html

Url: https://access.redhat.com/errata/RHSA-2019:3936

Url: https://www.mend.io/vulnerability-database/CVE-2018-12207

Severity Score

6.5

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	4.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2018-12207

Date: November 14, 2019

Severity Score

Related Resources (23)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?