Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3516

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-3516
Last Modified 31 Jan 2013 11:49:39
Published 23 Nov 2012 03:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3516

Summary

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.

Vulnerable Systems

Operating System

  • Xen 4.2.0

Application

  • Citrix Xenserver 6.0.2


References

MLIST - [oss-security] 20120905 Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking

CONFIRM - http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking

CONFIRM - http://support.citrix.com/article/CTX134708

SECUNIA - 50530

SECUNIA - 50472

SUSE - SUSE-SU-2012:1133

BID - 55411


Last Updated: 27 May 2016 10:58:29