Denial of service in Xen - CVE-2018-12893
Published: June 29, 2018
Vulnerability identifier: #VU13521
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-12893
CWE-ID: CWE-264
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Xen Project
Affected software:
Xen
Xen
Detailed vulnerability description
The vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The vulnerability exists on x86 systems due to unspecified flaw. An adjacent attacker can invoke hardware debugging facilities, trigger a debug exception and cause the system to crash.
How to mitigate CVE-2018-12893
Install update from vendor's website.