Home > Vulnerability Database > CVE-2018-12207

Mend.io Vulnerability Database

CVE-2018-12207

Date: November 14, 2019

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Severity Score

5.0

Related Resources (23)

Url: https://access.redhat.com/errata/RHSA-2019:3941

Url: https://seclists.org/bugtraq/2020/Jan/21

Url: https://usn.ubuntu.com/4186-2/

Url: https://nvd.nist.gov/vuln/detail/CVE-2018-12207

Url: http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/

Url: https://support.f5.com/csp/article/K17269881?utm_source=f5support&%3Butm_medium=RSS

Url: https://support.f5.com/csp/article/K17269881?utm_source=f5support&utm_medium=RSS

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12207

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/

Url: https://access.redhat.com/errata/RHSA-2020:0026

Url: https://access.redhat.com/errata/RHSA-2020:0028

Url: https://access.redhat.com/errata/RHSA-2020:0204

Url: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html

Url: https://security.gentoo.org/glsa/202003-56

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/

Url: https://www.debian.org/security/2020/dsa-4602

Url: https://access.redhat.com/security/cve/CVE-2018-12207

Url: https://access.redhat.com/errata/RHSA-2019:3916

Url: https://www.oracle.com/security-alerts/cpujul2020.html

Url: https://access.redhat.com/errata/RHSA-2019:3936

Url: https://www.mend.io/vulnerability-database/CVE-2018-12207

Severity Score

5.0

Weakness Type (CWE)

Input Validation

CWE-20

CVSS v3

Base Score:	5.0
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	7.5
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2018-12207

Date: November 14, 2019

Severity Score

Related Resources (23)

Severity Score

Weakness Type (CWE)

CVSS v3

CVSS v2

Do you need more information?