CVE-2019-3887
CVSS v3.1
5.6 (Medium)
CVSS v2.0
4.7 (Medium)
EPSS
0.05 % (21th)
Affected Products
11
Advisories
9
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.
Weaknesses
- CWE-863
- Incorrect Authorization
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2019-04-09 16:29:01
(5 years ago) - Updated Date
-
2023-02-12 23:38:42
(19 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...