#VU22712 Buffer overflow in Windows and Windows Server - CVE-2018-12207

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the mechanism responsible for error handling on some Intel platforms. A local user of a guest operating system can use a specially crafted application to trigger memory corruption and cause the host system to stop responding.

Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.

Below is the list of processor families that are affected by this vulnerability:

Client:

• Intel Core i3 Processors
• Intel Core i5 Processors
• Intel Core i7 Processors
• Intel Core m Processor Family
• 2nd generation Intel Core Processors
• 3rd generation Intel Core Processors
• 4th generation Intel Core Processors
• 5th generation Intel Core Processors
• 6th generation Intel Core Processors
• 7th generation Intel Core Processors
• 8th generation Intel Core Processors
• Intel Core X-series Processor Family
• Intel Pentium Gold Processor Series
• Intel Celeron Processor G Series

Server:

• 2nd Generation Intel Xeon Scalable Processors
• Intel Xeon Scalable Processors
• Intel Xeon Processor E7 v4 Family
• Intel Xeon Processor E7 v3 Family
• Intel Xeon Processor E7 v2 Family
• Intel Xeon Processor E7 Family
• Intel Xeon Processor E5 v4 Family
• Intel Xeon Processor E5 v3 Family
• Intel Xeon Processor E5 v2 Family
• Intel Xeon Processor E5 Family
• Intel Xeon Processor E3 v6 Family
• Intel Xeon Processor E3 v5 Family
• Intel Xeon Processor E3 v4 Family
• Intel Xeon Processor E3 v3 Family
• Intel Xeon Processor E3 v2 Family
• Intel Xeon Processor E3 Family
• Intel Xeon E Processor
• Intel Xeon D Processor
• Intel Xeon W Processor
• Legacy Intel Xeon Processor

Remediation

External links

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-12207
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html