Vulnerability Details : CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.
Vulnerability category: Denial of service
Products affected by CVE-2018-12893
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:x86
Exploit prediction scoring system (EPSS) score for CVE-2018-12893
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-12893
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
2.0
|
4.0
|
NIST |
References for CVE-2018-12893
-
https://support.citrix.com/article/CTX235748
Citrix XenServer Multiple Security UpdatesVendor Advisory
-
https://www.debian.org/security/2018/dsa-4236
Debian -- Security Information -- DSA-4236-1 xenThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html
[SECURITY] [DLA 1577-1] xen security update
-
http://xenbits.xen.org/xsa/advisory-265.html
XSA-265 - Xen Security AdvisoriesMitigation;Patch;Vendor Advisory
-
https://security.gentoo.org/glsa/201810-06
Xen: Multiple vulnerabilities (GLSA 201810-06) — Gentoo security
-
http://www.securityfocus.com/bid/104572
Xen CVE-2018-12893 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2018/06/27/11
oss-security - Xen Security Advisory 265 (CVE-2018-12893) - x86: #DB exception safety check can be triggered by a guestMitigation;Mailing List;Third Party Advisory;Patch
-
http://www.securitytracker.com/id/1041202
Xen Debug Exception Trigger Lets Local Users on a Guest System Cause Denial of Service Conditions on the Host System - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1590979
1590979 – (CVE-2018-12893) CVE-2018-12893 xen: x86 DB exception safety check can be triggered by a guest (XSA-265)Mitigation;Issue Tracking;Third Party Advisory
Jump to