Vulnerability Details CVE-2018-7542
An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.9
References
- http://www.securitytracker.com/id/1040776
- https://security.gentoo.org/glsa/201810-06
- https://www.debian.org/security/2018/dsa-4131
- https://xenbits.xen.org/xsa/advisory-256.html
- http://www.securitytracker.com/id/1040776
- https://security.gentoo.org/glsa/201810-06
- https://www.debian.org/security/2018/dsa-4131
- https://xenbits.xen.org/xsa/advisory-256.html
Products affected by CVE-2018-7542
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:xen:xen:4.10.0
-
cpe:2.3:o:xen:xen:4.8.0
-
cpe:2.3:o:xen:xen:4.8.1
-
cpe:2.3:o:xen:xen:4.8.2
-
cpe:2.3:o:xen:xen:4.8.3
-
cpe:2.3:o:xen:xen:4.8.4
-
cpe:2.3:o:xen:xen:4.8.5
-
cpe:2.3:o:xen:xen:4.9.0
-
cpe:2.3:o:xen:xen:4.9.1
-
cpe:2.3:o:xen:xen:4.9.2
-
cpe:2.3:o:xen:xen:4.9.3
-
cpe:2.3:o:xen:xen:4.9.4