csaf_suse - suse-su-2018:2069-1

Vulnerability from csaf_suse

Published

2018-07-26 14:46

Modified

2018-07-26 14:46

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744). - CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242). - CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224). - CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521). - CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522). Bug fixes: - bsc#1079730: Fix failed 'write' lock. - bsc#1027519: Add upstream patches from January.

Patchnames

SUSE-SLE-SAP-12-SP1-2018-1406,SUSE-SLE-SERVER-12-SP1-2018-1406

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-12617: Fix integer overflow that causes segmentation fault in qmp_guest_file_read() with g_malloc() (bsc#1098744).\n- CVE-2018-3665: Fix Lazy FP Save/Restore issue (XSA-267) (bsc#1095242).\n- CVE-2018-11806: Fix heap buffer overflow while reassembling fragmented datagrams (bsc#1096224).\n- CVE-2018-12891: Fix possible Denial of Service (DoS) via certain PV MMU operations that affect the entire host (XSA-264) (bsc#1097521).\n- CVE-2018-12893: Fix crash/Denial of Service (DoS) via safety check (XSA-265) (bsc#1097522).\n\nBug fixes:\n\n- bsc#1079730: Fix failed \u0027write\u0027 lock.\n- bsc#1027519: Add upstream patches from January.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-SP1-2018-1406,SUSE-SLE-SERVER-12-SP1-2018-1406",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2069-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:2069-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182069-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:2069-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-July/004315.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027519",
        "url": "https://bugzilla.suse.com/1027519"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1079730",
        "url": "https://bugzilla.suse.com/1079730"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1095242",
        "url": "https://bugzilla.suse.com/1095242"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1096224",
        "url": "https://bugzilla.suse.com/1096224"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097521",
        "url": "https://bugzilla.suse.com/1097521"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1097522",
        "url": "https://bugzilla.suse.com/1097522"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1098744",
        "url": "https://bugzilla.suse.com/1098744"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11806 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11806/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12617 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12617/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12891 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12891/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12893 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12893/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-3665 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-3665/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2018-07-26T14:46:21Z",
      "generator": {
        "date": "2018-07-26T14:46:21Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:2069-1",
      "initial_release_date": "2018-07-26T14:46:21Z",
      "revision_history": [
        {
          "date": "2018-07-26T14:46:21Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-4.5.5_24-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-doc-html-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-doc-html-4.5.5_24-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
                "product": {
                  "name": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
                  "product_id": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-libs-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-libs-4.5.5_24-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-tools-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-tools-4.5.5_24-22.52.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.5.5_24-22.52.3.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.5.5_24-22.52.3.x86_64",
                  "product_id": "xen-tools-domU-4.5.5_24-22.52.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-doc-html-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64"
        },
        "product_reference": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-libs-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-tools-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-tools-domU-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-doc-html-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-doc-html-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64"
        },
        "product_reference": "xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-libs-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-tools-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.5.5_24-22.52.3.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        },
        "product_reference": "xen-tools-domU-4.5.5_24-22.52.3.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-11806",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11806"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11806",
          "url": "https://www.suse.com/security/cve/CVE-2018-11806"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096223 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1096223"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096224 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1096224"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-11806",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-26T14:46:21Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-11806"
    },
    {
      "cve": "CVE-2018-12617",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12617"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12617",
          "url": "https://www.suse.com/security/cve/CVE-2018-12617"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098735 for CVE-2018-12617",
          "url": "https://bugzilla.suse.com/1098735"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098744 for CVE-2018-12617",
          "url": "https://bugzilla.suse.com/1098744"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-26T14:46:21Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-12617"
    },
    {
      "cve": "CVE-2018-12891",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12891"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12891",
          "url": "https://www.suse.com/security/cve/CVE-2018-12891"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097521 for CVE-2018-12891",
          "url": "https://bugzilla.suse.com/1097521"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-12891",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-26T14:46:21Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12891"
    },
    {
      "cve": "CVE-2018-12893",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12893"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12893",
          "url": "https://www.suse.com/security/cve/CVE-2018-12893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1097522 for CVE-2018-12893",
          "url": "https://bugzilla.suse.com/1097522"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-12893",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-26T14:46:21Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12893"
    },
    {
      "cve": "CVE-2018-3665",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-3665"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-3665",
          "url": "https://www.suse.com/security/cve/CVE-2018-3665"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087078 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087086 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1087086"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1090338 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1090338"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1095241 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1095241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1095242 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1095242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1096740 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1096740"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1100091 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1100091"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1100555 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1100555"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2018-3665",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:xen-tools-domU-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-doc-html-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-kmp-default-4.5.5_24_k3.12.74_60.64.96-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-32bit-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-libs-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-4.5.5_24-22.52.3.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:xen-tools-domU-4.5.5_24-22.52.3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-07-26T14:46:21Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-3665"
    }
  ]
}

cve-2018-3665

Vulnerability from cvelistv5

Published

2018-06-21 20:00

Modified

2024-09-17 01:01

Severity ?

Summary

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

References

▼	URL	Tags
	https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:2164	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3696-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1041125	vdb-entry, x_refsource_SECTRACK
	https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:1944	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1852	vendor-advisory, x_refsource_REDHAT
	https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc	vendor-advisory, x_refsource_FREEBSD
	http://www.securitytracker.com/id/1041124	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2018:2165	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2018/dsa-4232	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3698-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/3696-2/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/104460	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3698-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:1170	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1190	vendor-advisory, x_refsource_REDHAT
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://nvidia.custhelp.com/app/answers/detail/a_id/4787	x_refsource_CONFIRM
	https://www.synology.com/support/security/Synology_SA_18_31	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-20181016-0001/	x_refsource_CONFIRM
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html	x_refsource_CONFIRM
	https://support.citrix.com/article/CTX235745	x_refsource_CONFIRM
	https://security.paloaltonetworks.com/CVE-2018-3665	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel Core-based microprocessors	Version: All

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
          },
          {
            "name": "RHSA-2018:2164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2164"
          },
          {
            "name": "USN-3696-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-1/"
          },
          {
            "name": "1041125",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041125"
          },
          {
            "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
          },
          {
            "name": "RHSA-2018:1944",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1944"
          },
          {
            "name": "RHSA-2018:1852",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1852"
          },
          {
            "name": "FreeBSD-SA-18:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
          },
          {
            "name": "1041124",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041124"
          },
          {
            "name": "RHSA-2018:2165",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2165"
          },
          {
            "name": "DSA-4232",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4232"
          },
          {
            "name": "USN-3698-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-1/"
          },
          {
            "name": "USN-3696-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3696-2/"
          },
          {
            "name": "104460",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104460"
          },
          {
            "name": "USN-3698-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3698-2/"
          },
          {
            "name": "RHSA-2019:1170",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1170"
          },
          {
            "name": "RHSA-2019:1190",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1190"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_31"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235745"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Core-based microprocessors",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-15T02:22:59",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
        },
        {
          "name": "RHSA-2018:2164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2164"
        },
        {
          "name": "USN-3696-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-1/"
        },
        {
          "name": "1041125",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041125"
        },
        {
          "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
        },
        {
          "name": "RHSA-2018:1944",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1944"
        },
        {
          "name": "RHSA-2018:1852",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1852"
        },
        {
          "name": "FreeBSD-SA-18:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
        },
        {
          "name": "1041124",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041124"
        },
        {
          "name": "RHSA-2018:2165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2165"
        },
        {
          "name": "DSA-4232",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4232"
        },
        {
          "name": "USN-3698-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-1/"
        },
        {
          "name": "USN-3696-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3696-2/"
        },
        {
          "name": "104460",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104460"
        },
        {
          "name": "USN-3698-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3698-2/"
        },
        {
          "name": "RHSA-2019:1170",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1170"
        },
        {
          "name": "RHSA-2019:1190",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1190"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_31"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235745"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "[email protected]",
          "DATE_PUBLIC": "2018-06-13T00:00:00",
          "ID": "CVE-2018-3665",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Core-based microprocessors",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
            },
            {
              "name": "RHSA-2018:2164",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2164"
            },
            {
              "name": "USN-3696-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-1/"
            },
            {
              "name": "1041125",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041125"
            },
            {
              "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
            },
            {
              "name": "RHSA-2018:1944",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1944"
            },
            {
              "name": "RHSA-2018:1852",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1852"
            },
            {
              "name": "FreeBSD-SA-18:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
            },
            {
              "name": "1041124",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041124"
            },
            {
              "name": "RHSA-2018:2165",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2165"
            },
            {
              "name": "DSA-4232",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4232"
            },
            {
              "name": "USN-3698-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-1/"
            },
            {
              "name": "USN-3696-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3696-2/"
            },
            {
              "name": "104460",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104460"
            },
            {
              "name": "USN-3698-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3698-2/"
            },
            {
              "name": "RHSA-2019:1170",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1170"
            },
            {
              "name": "RHSA-2019:1190",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1190"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
              "refsource": "CONFIRM",
              "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_31",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_31"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20181016-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
            },
            {
              "name": "https://support.citrix.com/article/CTX235745",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235745"
            },
            {
              "name": "https://security.paloaltonetworks.com/CVE-2018-3665",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2018-3665"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3665",
    "datePublished": "2018-06-21T20:00:00Z",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-09-17T01:01:36.405Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12891

Vulnerability from cvelistv5

Published

2018-07-02 17:00

Modified

2024-08-05 08:45

Severity ?

Summary

An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.

References

▼	URL	Tags
	https://www.debian.org/security/2018/dsa-4236	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX235748	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	http://xenbits.xen.org/xsa/advisory-264.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041201	vdb-entry, x_refsource_SECTRACK
	http://www.openwall.com/lists/oss-security/2018/06/27/10	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/104570	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:45:02.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4236",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4236"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235748"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-264.html"
          },
          {
            "name": "1041201",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041201"
          },
          {
            "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
          },
          {
            "name": "104570",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104570"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-4236",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4236"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235748"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-264.html"
        },
        {
          "name": "1041201",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041201"
        },
        {
          "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
        },
        {
          "name": "104570",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104570"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "[email protected]",
          "ID": "CVE-2018-12891",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4236",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4236"
            },
            {
              "name": "https://support.citrix.com/article/CTX235748",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235748"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-264.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-264.html"
            },
            {
              "name": "1041201",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041201"
            },
            {
              "name": "[oss-security] 20180627 Xen Security Advisory 264 (CVE-2018-12891) - preemption checks bypassed in x86 PV MM handling",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/27/10"
            },
            {
              "name": "104570",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104570"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12891",
    "datePublished": "2018-07-02T17:00:00",
    "dateReserved": "2018-06-26T00:00:00",
    "dateUpdated": "2024-08-05T08:45:02.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12617

Vulnerability from cvelistv5

Published

2018-06-21 18:00

Modified

2024-08-05 08:38

Severity ?

Summary

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

References

▼	URL	Tags
	https://lists.debian.org/debian-lts-announce/2019/02/msg00041.html	mailing-list, x_refsource_MLIST
	https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6	x_refsource_MISC
	https://usn.ubuntu.com/3826-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html	x_refsource_MISC
	http://www.securityfocus.com/bid/104531	vdb-entry, x_refsource_BID
	https://www.exploit-db.com/exploits/44925/	exploit, x_refsource_EXPLOIT-DB
	https://www.debian.org/security/2019/dsa-4454	vendor-advisory, x_refsource_DEBIAN
	https://seclists.org/bugtraq/2019/May/76	mailing-list, x_refsource_BUGTRAQ

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:38:06.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20190228 [SECURITY] [DLA 1694-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00041.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6"
          },
          {
            "name": "USN-3826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3826-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html"
          },
          {
            "name": "104531",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104531"
          },
          {
            "name": "44925",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44925/"
          },
          {
            "name": "DSA-4454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4454"
          },
          {
            "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/76"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-31T13:06:05",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20190228 [SECURITY] [DLA 1694-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00041.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6"
        },
        {
          "name": "USN-3826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3826-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html"
        },
        {
          "name": "104531",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104531"
        },
        {
          "name": "44925",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44925/"
        },
        {
          "name": "DSA-4454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4454"
        },
        {
          "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/76"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "[email protected]",
          "ID": "CVE-2018-12617",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20190228 [SECURITY] [DLA 1694-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00041.html"
            },
            {
              "name": "https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6",
              "refsource": "MISC",
              "url": "https://gist.github.com/fakhrizulkifli/c7740d28efa07dafee66d4da5d857ef6"
            },
            {
              "name": "USN-3826-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3826-1/"
            },
            {
              "name": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg03385.html"
            },
            {
              "name": "104531",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104531"
            },
            {
              "name": "44925",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44925/"
            },
            {
              "name": "DSA-4454",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4454"
            },
            {
              "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/76"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12617",
    "datePublished": "2018-06-21T18:00:00",
    "dateReserved": "2018-06-21T00:00:00",
    "dateUpdated": "2024-08-05T08:38:06.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-12893

Vulnerability from cvelistv5

Published

2018-07-02 17:00

Modified

2024-08-05 08:45

Severity ?

Summary

An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2018/06/27/11	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2018/dsa-4236	vendor-advisory, x_refsource_DEBIAN
	https://support.citrix.com/article/CTX235748	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201810-06	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1590979	x_refsource_CONFIRM
	http://xenbits.xen.org/xsa/advisory-265.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104572	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1041202	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:45:02.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
          },
          {
            "name": "DSA-4236",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4236"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX235748"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-265.html"
          },
          {
            "name": "104572",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104572"
          },
          {
            "name": "1041202",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041202"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
        },
        {
          "name": "DSA-4236",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4236"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX235748"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-265.html"
        },
        {
          "name": "104572",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104572"
        },
        {
          "name": "1041202",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041202"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "[email protected]",
          "ID": "CVE-2018-12893",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20180627 Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guest",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/27/11"
            },
            {
              "name": "DSA-4236",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4236"
            },
            {
              "name": "https://support.citrix.com/article/CTX235748",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX235748"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590979"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-265.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-265.html"
            },
            {
              "name": "104572",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104572"
            },
            {
              "name": "1041202",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041202"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-12893",
    "datePublished": "2018-07-02T17:00:00",
    "dateReserved": "2018-06-26T00:00:00",
    "dateUpdated": "2024-08-05T08:45:02.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-11806

Vulnerability from cvelistv5

Published

2018-06-13 16:00

Modified

2024-08-05 08:17

Severity ?

Summary

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2018:2762	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/104400	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3826-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2018/06/07/1	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1586245	x_refsource_CONFIRM
	https://www.zerodayinitiative.com/advisories/ZDI-18-567/	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:2462	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2822	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:2887	vendor-advisory, x_refsource_REDHAT
	https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html	mailing-list, x_refsource_MLIST
	https://www.debian.org/security/2019/dsa-4454	vendor-advisory, x_refsource_DEBIAN
	https://seclists.org/bugtraq/2019/May/76	mailing-list, x_refsource_BUGTRAQ
	https://access.redhat.com/errata/RHSA-2019:2892	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:09.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:2762",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2762"
          },
          {
            "name": "104400",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104400"
          },
          {
            "name": "USN-3826-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3826-1/"
          },
          {
            "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
          },
          {
            "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
          },
          {
            "name": "RHSA-2018:2462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2462"
          },
          {
            "name": "RHSA-2018:2822",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2822"
          },
          {
            "name": "RHSA-2018:2887",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2887"
          },
          {
            "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
          },
          {
            "name": "DSA-4454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4454"
          },
          {
            "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/76"
          },
          {
            "name": "RHSA-2019:2892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2892"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-24T15:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2018:2762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2762"
        },
        {
          "name": "104400",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104400"
        },
        {
          "name": "USN-3826-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3826-1/"
        },
        {
          "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
        },
        {
          "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
        },
        {
          "name": "RHSA-2018:2462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2462"
        },
        {
          "name": "RHSA-2018:2822",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2822"
        },
        {
          "name": "RHSA-2018:2887",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2887"
        },
        {
          "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
        },
        {
          "name": "DSA-4454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4454"
        },
        {
          "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/76"
        },
        {
          "name": "RHSA-2019:2892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2892"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "[email protected]",
          "ID": "CVE-2018-11806",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:2762",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2762"
            },
            {
              "name": "104400",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104400"
            },
            {
              "name": "USN-3826-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3826-1/"
            },
            {
              "name": "[qemu-devel] 20180605 [PATCH 1/2] slirp: correct size computation while concatenating mbuf",
              "refsource": "MLIST",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html"
            },
            {
              "name": "[oss-security] 20180607 CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/06/07/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586245"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-18-567/"
            },
            {
              "name": "RHSA-2018:2462",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2462"
            },
            {
              "name": "RHSA-2018:2822",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2822"
            },
            {
              "name": "RHSA-2018:2887",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2887"
            },
            {
              "name": "[debian-lts-announce] 20190509 [SECURITY] [DLA 1781-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html"
            },
            {
              "name": "DSA-4454",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4454"
            },
            {
              "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/76"
            },
            {
              "name": "RHSA-2019:2892",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2892"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11806",
    "datePublished": "2018-06-13T16:00:00",
    "dateReserved": "2018-06-05T00:00:00",
    "dateUpdated": "2024-08-05T08:17:09.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

cve-2018-3665

Vulnerability from cvelistv5

cve-2018-12891

Vulnerability from cvelistv5

cve-2018-12617

Vulnerability from cvelistv5

cve-2018-12893

Vulnerability from cvelistv5

cve-2018-11806

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature