CVE - CVE-2018-12893

CVE-ID
CVE-2018-12893	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:104572 URL:http://www.securityfocus.com/bid/104572 CONFIRM:http://xenbits.xen.org/xsa/advisory-265.html CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1590979 CONFIRM:https://support.citrix.com/article/CTX235748 DEBIAN:DSA-4236 URL:https://www.debian.org/security/2018/dsa-4236 GENTOO:GLSA-201810-06 URL:https://security.gentoo.org/glsa/201810-06 MLIST:[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update URL:https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html MLIST:[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest URL:http://www.openwall.com/lists/oss-security/2018/06/27/11 SECTRACK:1041202 URL:http://www.securitytracker.com/id/1041202
Assigning CNA
MITRE Corporation
Date Record Created
20180626	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20180626)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)