Medium severity6.8NVD Advisory· Published Sep 13, 2018· Updated Jun 17, 2026

CVE-2018-8438

Description

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8436, CVE-2018-8437.

Affected products

Microsoft/Hyper-Vllm-fuzzy
Microsoft/Windows 10 1909cpe-rescue
Range: 32-bit Systems
Microsoft/Windows Server 2003cpe-rescue
Range: version 1709 (Server Core Installation)
Microsoft/Windows 8.1cpe-rescue
Range: 32-bit systems
Microsoft/Windows Rt 8.1cpe-rescue
Range: Windows RT 8.1
Microsoft/Windows Server 2012cpe-rescue
Range: (Server Core installation)
Microsoft/Windows Server 2016cpe-rescue
Range: (Server Core installation)

Patches

Vulnerability mechanics

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8438nvdPatchVendor Advisory
www.securityfocus.com/bid/105249nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1041624nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000