Xen x86 PV Guest OS Denial of Service and Privilege Escalation Vulnerability

Xen x86 PV Guest OS Denial of Service and Privilege Escalation Vulnerability

CVE-2018-19966 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.

Learn more about our User Device Pen Test.