VDB
ALPINE-CVE-2018-19962
ALPINE-CVE-2018-19962
PUBLISHED
CVSS 7.800000190734863 HIGH
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
Risk Scores
CVSS v3.0
7.800000190734863
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.17 | xen | 4.2.1-r11, 4.2.1-r2, 4.2.1-r3 |
| Alpine:v3.7 | xen | 4.3.1-r1, 4.9.3-r0, 4.9.2-r3 |
| Alpine:v3.12 | xen | 4.1.2-r12, 4.1.2-r11, 4.1.2-r10 |
| Alpine:v3.8 | xen | 4.1.3-r0, 4.8.1-r3, 4.8.1-r4 |
| Alpine:v3.19 | xen | 4.9.0-r0, 4.9.1-r3, 4.9.1-r2 |
| Alpine:v3.11 | xen | 0, 4.9.1-r3, 4.9.1-r2 |
| Alpine:v3.16 | xen | 4.2.0-r4, 4.2.2-r2, 4.2.2-r3 |
| Alpine:v3.20 | xen | 4.7.1-r0, 0, 4.0.1-r0 |
| Alpine:v3.10 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.18 | xen | 4.11.0-r1, 4.2.0-r0, 4.2.0-r1 |
| Alpine:v3.22 | xen | 4.4.1-r4, 4.2.0-r2, 4.2.0-r3 |
| Alpine:v3.23 | xen | 4.2.0-r3, 4.3.1-r0, 4.3.1-r1 |
| Alpine:v3.9 | xen | 4.9.1-r3, 4.9.1-r2, 4.9.1-r1 |
| Alpine:v3.15 | xen | 4.11.0-r0, 4.11.0-r1, 4.2.0-r0 |
| Alpine:v3.14 | xen | 4.9.1-r3, 4.2.0-r5, 4.2.0-r6 |
| Alpine:v3.6 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.13 | xen | 4.5.1-r0, 0, 4.0.1-r0 |
| Alpine:v3.21 | xen | 4.3.0-r8, 4.11.0-r1, 4.10.1-r2 |
Timeline
- Dec 8, 2018 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch