Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-12892

EPSS 2.77% · P86
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-12892

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as "sd" in the libxl disk configuration, or an equivalent) are affected. IDE disks ("hd") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Xen 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Xen是英国剑桥大学开发的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 Xen 4.7版本至4.10.x版本中存在安全漏洞,该漏洞源于程序没有将只读旗标发送到qemu。当系统使用libxl或libxl-based工具栈时,攻击者可利用该漏洞绕过安全限制,执行未授权的操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2018-12892

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-12892

Please Login to view more intelligence information

Same Patch Batch · n/a · 2018-07-02 · 48 CVEs total

CVE-2018-10076ZOHO ManageEngine EventLog Analyzer 跨站脚本漏洞
CVE-2018-12529Intex N150设备跨站请求伪造漏洞
CVE-2018-12575TP-Link TL-WR841N 安全漏洞
CVE-2018-13054Cinnamon 安全漏洞
CVE-2018-0499Xapian xapian-core 跨站脚本漏洞
CVE-2018-13053Linux kernel 数字错误漏洞
CVE-2018-13049GLPI SQL注入漏洞
CVE-2018-13050ZOHO ManageEngine Applications Manager SQL注入漏洞
CVE-2018-13056ZZCMS 安全漏洞
CVE-2018-12499Motorola MBP853 安全漏洞
CVE-2018-12528Intex N150设备安全漏洞
CVE-2018-10075ZOHO ManageEngine EventLog Analyzer 跨站脚本漏洞
CVE-2018-9276Paessler PRTG Network Monitor 操作系统命令注入漏洞
CVE-2018-13067OpenCart 跨站请求伪造漏洞
CVE-2018-13066libming 安全漏洞
CVE-2018-12896Linux kernel 数字错误漏洞
CVE-2018-12893Xen 安全漏洞
CVE-2018-12891Xen 安全漏洞
CVE-2018-12426WordPress WP Live Chat Support Pro插件安全漏洞
CVE-2018-13092Reimburse Token 数字错误漏洞

Showing top 20 of 48 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2018-12892

No comments yet

Leave a comment