CVE-2018-12207

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Published: 2019-11-14 Last update: 2024-11-21 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2018-12207 is rated Moderate Risk (46/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 0.92%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2018-12207

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.26% 0.92% +0.65%
2 2026-03-04 0.24% 0.26% +0.02%
3 2026-03-01 0.24%

Full EPSS history (23 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-12207

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.5 3.1 MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Click to expand
Attack vector (AV:L)
They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L)
A normal user session is enough; they don’t have to be admin.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:C)
Breaking this can reach past the original component and bite other resources—bigger blast radius.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 2.0 4.0 [email protected]
4.9 2.0 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:C)
Complete availability impact.
 3.9 6.9 [email protected]

Weakness enumeration for CVE-2018-12207

OS Trackers for CVE-2018-12207

vendor priority summary link
alpine medium CVE-2018-12207: 1 source package rows (xen); 10 state rows across 10 repos (3.10-main, 3.11-main, 3.12-main, 3.17-main, 3.18-main, 3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 10, open 0. https://security.alpinelinux.org/vuln/CVE-2018-12207
debian not yet assigned CVE-2018-12207 not yet assigned priority: Debian including 2 source packages (linux, xen), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. https://security-tracker.debian.org/tracker/CVE-2018-12207
gentoo high CVE-2018-12207: 1 GLSA(s) (202003-56), 2 atom(s) (app-emulation/xen, app-emulation/xen-tools); latest impact high. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2018-12207
redhat high https://access.redhat.com/security/cve/CVE-2018-12207
suse medium https://www.suse.com/security/cve/CVE-2018-12207/
ubuntu high CVE-2018-12207 high priority: Ubuntu including 170 source packages (linux, linux-allwinner, …), 2252 status rows across 18 suites (bionic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 1733, not-affected 289, released 197, ignored 28, needed 4, needs-triage 1. https://ubuntu.com/security/CVE-2018-12207

Affected software / configurations for CVE-2018-12207

Vendor Product Version Raw CPE
intel core_i3-10110u_firmware cpe:2.3:o:intel:core_i3-10110u_firmware:-:*:*:*:*:*:*:*
intel core_i3-10110y_firmware cpe:2.3:o:intel:core_i3-10110y_firmware:-:*:*:*:*:*:*:*
intel core_i3-1005g1_firmware cpe:2.3:o:intel:core_i3-1005g1_firmware:-:*:*:*:*:*:*:*
intel core_i3-9300t_firmware cpe:2.3:o:intel:core_i3-9300t_firmware:-:*:*:*:*:*:*:*
intel core_i3-9300_firmware cpe:2.3:o:intel:core_i3-9300_firmware:-:*:*:*:*:*:*:*
intel core_i3-9100_firmware cpe:2.3:o:intel:core_i3-9100_firmware:-:*:*:*:*:*:*:*
intel core_i3-9100t_firmware cpe:2.3:o:intel:core_i3-9100t_firmware:-:*:*:*:*:*:*:*
intel core_i3-9350k_firmware cpe:2.3:o:intel:core_i3-9350k_firmware:-:*:*:*:*:*:*:*
intel core_i3-9320_firmware cpe:2.3:o:intel:core_i3-9320_firmware:-:*:*:*:*:*:*:*
intel core_i3-8145u_firmware cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*
intel core_i3-8300_firmware cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*
intel core_i3-8100t_firmware cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*
intel core_i3-8300t_firmware cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*
intel core_i3-8109u_firmware cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*
intel core_i3-8130u_firmware cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*
intel core_i3-8100_firmware cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*
intel core_i3-8350k_firmware cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*
intel core_i3-7100_firmware cpe:2.3:o:intel:core_i3-7100_firmware:-:*:*:*:*:*:*:*
intel core_i3-7350k_firmware cpe:2.3:o:intel:core_i3-7350k_firmware:-:*:*:*:*:*:*:*
intel core_i3-7300t_firmware cpe:2.3:o:intel:core_i3-7300t_firmware:-:*:*:*:*:*:*:*
intel core_i3-7167u_firmware cpe:2.3:o:intel:core_i3-7167u_firmware:-:*:*:*:*:*:*:*
intel core_i3-7300_firmware cpe:2.3:o:intel:core_i3-7300_firmware:-:*:*:*:*:*:*:*
intel core_i3-7100h_firmware cpe:2.3:o:intel:core_i3-7100h_firmware:-:*:*:*:*:*:*:*
intel core_i3-7320_firmware cpe:2.3:o:intel:core_i3-7320_firmware:-:*:*:*:*:*:*:*
intel core_i3-7100t_firmware cpe:2.3:o:intel:core_i3-7100t_firmware:-:*:*:*:*:*:*:*
intel core_i3-7100u_firmware cpe:2.3:o:intel:core_i3-7100u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100u_firmware cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100h_firmware cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*
intel core_i3-6167u_firmware cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*
intel core_i3-6100_firmware cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*
intel core_i3-5015u_firmware cpe:2.3:o:intel:core_i3-5015u_firmware:-:*:*:*:*:*:*:*
intel core_i3-5020u_firmware cpe:2.3:o:intel:core_i3-5020u_firmware:-:*:*:*:*:*:*:*
intel core_i3-5005u_firmware cpe:2.3:o:intel:core_i3-5005u_firmware:-:*:*:*:*:*:*:*
intel core_i3-5010u_firmware cpe:2.3:o:intel:core_i3-5010u_firmware:-:*:*:*:*:*:*:*
intel core_i3-5157u_firmware cpe:2.3:o:intel:core_i3-5157u_firmware:-:*:*:*:*:*:*:*
intel core_i5-10210u_firmware cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*
intel core_i5-10310y_firmware cpe:2.3:o:intel:core_i5-10310y_firmware:-:*:*:*:*:*:*:*
intel core_i5-10210y_firmware cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*
intel core_i5-1035g4_firmware cpe:2.3:o:intel:core_i5-1035g4_firmware:-:*:*:*:*:*:*:*
intel core_i5-1035g7_firmware cpe:2.3:o:intel:core_i5-1035g7_firmware:-:*:*:*:*:*:*:*
intel core_i5-1035g1_firmware cpe:2.3:o:intel:core_i5-1035g1_firmware:-:*:*:*:*:*:*:*
intel core_i5-9500_firmware cpe:2.3:o:intel:core_i5-9500_firmware:-:*:*:*:*:*:*:*
intel core_i5-9600_firmware cpe:2.3:o:intel:core_i5-9600_firmware:-:*:*:*:*:*:*:*
intel core_i5-9400t_firmware cpe:2.3:o:intel:core_i5-9400t_firmware:-:*:*:*:*:*:*:*
intel core_i5-9600t_firmware cpe:2.3:o:intel:core_i5-9600t_firmware:-:*:*:*:*:*:*:*
intel core_i5-9500t_firmware cpe:2.3:o:intel:core_i5-9500t_firmware:-:*:*:*:*:*:*:*
intel core_i5-9300h_firmware cpe:2.3:o:intel:core_i5-9300h_firmware:-:*:*:*:*:*:*:*
intel core_i5-9400h_firmware cpe:2.3:o:intel:core_i5-9400h_firmware:-:*:*:*:*:*:*:*
intel core_i5-9400_firmware cpe:2.3:o:intel:core_i5-9400_firmware:-:*:*:*:*:*:*:*
intel core_i5-9600k_firmware cpe:2.3:o:intel:core_i5-9600k_firmware:-:*:*:*:*:*:*:*
intel core_i5-8265u_firmware cpe:2.3:o:intel:core_i5-8265u_firmware:-:*:*:*:*:*:*:*
intel core_i5-8200y_firmware cpe:2.3:o:intel:core_i5-8200y_firmware:-:*:*:*:*:*:*:*
intel core_i5-8400t_firmware cpe:2.3:o:intel:core_i5-8400t_firmware:-:*:*:*:*:*:*:*
intel core_i5-8300h_firmware cpe:2.3:o:intel:core_i5-8300h_firmware:-:*:*:*:*:*:*:*
intel core_i5-8259u_firmware cpe:2.3:o:intel:core_i5-8259u_firmware:-:*:*:*:*:*:*:*
intel core_i5-8269u_firmware cpe:2.3:o:intel:core_i5-8269u_firmware:-:*:*:*:*:*:*:*
intel core_i5-8700b_firmware cpe:2.3:o:intel:core_i5-8700b_firmware:-:*:*:*:*:*:*:*
intel core_i5-8400b_firmware cpe:2.3:o:intel:core_i5-8400b_firmware:-:*:*:*:*:*:*:*
intel core_i5-8500b_firmware cpe:2.3:o:intel:core_i5-8500b_firmware:-:*:*:*:*:*:*:*
intel core_i5\+8500_firmware cpe:2.3:o:intel:core_i5\+8500_firmware:-:*:*:*:*:*:*:*
intel core_i5\+8400_firmware cpe:2.3:o:intel:core_i5\+8400_firmware:-:*:*:*:*:*:*:*
intel core_i5-8305g_firmware cpe:2.3:o:intel:core_i5-8305g_firmware:-:*:*:*:*:*:*:*
intel core_i5-8400_firmware cpe:2.3:o:intel:core_i5-8400_firmware:-:*:*:*:*:*:*:*
intel core_i5-8250u_firmware cpe:2.3:o:intel:core_i5-8250u_firmware:-:*:*:*:*:*:*:*
intel core_i5-8350u_firmware cpe:2.3:o:intel:core_i5-8350u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7400_firmware cpe:2.3:o:intel:core_i5-7400_firmware:-:*:*:*:*:*:*:*
intel core_i5-7500t_firmware cpe:2.3:o:intel:core_i5-7500t_firmware:-:*:*:*:*:*:*:*
intel core_i5-7600t_firmware cpe:2.3:o:intel:core_i5-7600t_firmware:-:*:*:*:*:*:*:*
intel core_i5-7400t_firmware cpe:2.3:o:intel:core_i5-7400t_firmware:-:*:*:*:*:*:*:*
intel core_i5-7600_firmware cpe:2.3:o:intel:core_i5-7600_firmware:-:*:*:*:*:*:*:*
intel core_i5-7500_firmware cpe:2.3:o:intel:core_i5-7500_firmware:-:*:*:*:*:*:*:*
intel core_i5-7300hq_firmware cpe:2.3:o:intel:core_i5-7300hq_firmware:-:*:*:*:*:*:*:*
intel core_i5-7267u_firmware cpe:2.3:o:intel:core_i5-7267u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7600k_firmware cpe:2.3:o:intel:core_i5-7600k_firmware:-:*:*:*:*:*:*:*
intel core_i5-7260u_firmware cpe:2.3:o:intel:core_i5-7260u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7440hq_firmware cpe:2.3:o:intel:core_i5-7440hq_firmware:-:*:*:*:*:*:*:*
intel core_i5-7287u_firmware cpe:2.3:o:intel:core_i5-7287u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7360u_firmware cpe:2.3:o:intel:core_i5-7360u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7200u_firmware cpe:2.3:o:intel:core_i5-7200u_firmware:-:*:*:*:*:*:*:*
intel core_i5-7y54_firmware cpe:2.3:o:intel:core_i5-7y54_firmware:-:*:*:*:*:*:*:*

References for CVE-2018-12207

URL Tags
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3916 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3936 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3941 Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0026 Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0028 Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0204 Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/
https://seclists.org/bugtraq/2020/Jan/21 Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202003-56 Third Party Advisory
https://support.f5.com/csp/article/K17269881?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4186-2/ Third Party Advisory
https://www.debian.org/security/2020/dsa-4602 Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html Vendor Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Patch Third Party Advisory
cvelogic Threat Intelligence