Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5510

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2012-5510
Last Modified 19 Apr 2014 12:28:29
Published 13 Dec 2012 06:53:48
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5510

Summary

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.

Vulnerable Systems

Operating System

  • Xen 4.0.0

  • Xen 4.0.1

  • Xen 4.0.2

  • Xen 4.0.3

  • Xen 4.0.4

  • Xen 4.1.0

  • Xen 4.1.1

  • Xen 4.1.2

  • Xen 4.1.3

  • Xen 4.2.0


References

XF - xen-grant-table-dos(80478)

BID - 56794

OSVDB - 88128

MLIST - [oss-security] 20121203 Xen Security Advisory 26 (CVE-2012-5510) - Grant table version switch list corruption vulnerability

DEBIAN - DSA-2582

CONFIRM - http://support.citrix.com/article/CTX135777

SECUNIA - 51487

SECUNIA - 51486

SECUNIA - 51468

SECUNIA - 51397

SUSE - SUSE-SU-2012:1615

SUSE - openSUSE-SU-2013:0133

SUSE - openSUSE-SU-2012:1687

SUSE - openSUSE-SU-2012:1685

SUSE - openSUSE-SU-2013:0637

SUSE - openSUSE-SU-2013:0636

GENTOO - GLSA-201309-24

SECUNIA - 55082

SUSE - SUSE-SU-2014:0446

Related Patches

Novell SUSE 2012:7133 xen security update for SLE 11 SP2 x86_64


Last Updated: 27 May 2016 10:55:06