Reachable Assertion

CVE-2018-19963

Severity High
Score 7.8/10

Summary

An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.

  • HIGH
  • LOCAL
  • HIGH
  • CHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-617 - Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
