{
  "threat_severity" : "Important",
  "public_date" : "2018-11-20T12:00:00Z",
  "bugzilla" : {
    "description" : "xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs",
    "id" : "1647573",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1647573"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.1",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-212",
  "details" : [ "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes." ],
  "acknowledgement" : "Red Hat would like to thank the Xen project for reporting this issue.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "kernel-xen",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-19961\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-19961" ],
  "name" : "CVE-2018-19961",
  "csaw" : false
}