Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 4.9
CVE Id: CVE-2012-3433
Last Modified: 10 Oct 2013 11:44:48
Published: 24 Nov 2012 03:55:02
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2012-3433

Summary

Xen 4.0 and 4.1 allow local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.

Vulnerable Systems

Operating System

  • Xen 4.0.0

  • Xen 4.1.0


References

BID - 54942

MLIST - [oss-security] 20120809 Xen Security Advisory 11 (CVE-2012-3433) - HVM destroy p2m host DoS

MLIST - [Xen-devel] 20120809 Xen Security Advisory 11 (CVE-2012-3433) - HVM destroy p2m host DoS

DEBIAN - DSA-2531

SUSE - openSUSE-SU-2012:1174

SUSE - openSUSE-SU-2012:1172

SUSE - SUSE-SU-2012:1044

SUSE - SUSE-SU-2012:1043

GENTOO - GLSA-201309-24

SECUNIA - 55082

Related Patches

Novell SUSE 2012:6640 xen-201208 security update for SLE 11 SP2 x86_64

Novell SUSE 2012:6653 xen-201208 security update for SLE 11 SP1 i586

Novell SUSE 2012:6653 xen-201208 security update for SLE 11 SP1 x86_64


Last Updated: 27 May 2016 10:51:49