DEBIAN-CVE-2019-3016
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 31 Jan 2020, 20:15
Last modified:28 Apr 2026, 20:20
Vulnerability Summary
Overall Risk (default)
low
19/100 CVSS Score
4.7 MEDIUM
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 Jan 2020, 20:15
Published
Vulnerability first disclosed
28 Apr 2026, 20:20
Last Modified
Vulnerability information updated
Description
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
CVSS Metrics
- v3.1•MEDIUM•Score: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Systems
- debian•linux
< 5.4.19-1 | < 5.4.19-1 | < 5.4.19-1 | < 5.4.19-1