Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5525

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2012-5525
Last Modified 10 Oct 2013 11:47:20
Published 13 Dec 2012 06:53:49
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5525

Summary

The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.

Vulnerable Systems

Operating System

  • Xen 4.2.0


References

XF - xen-getpagefromgfn-dos(80480)

BID - 56805

OSVDB - 88133

MLIST - [oss-security] 20121203 Xen Security Advisory 26 (CVE-2012-5510) - Grant table version switch list corruption vulnerability

SECUNIA - 51397

GENTOO - GLSA-201309-24

SECUNIA - 55082


Last Updated: 27 May 2016 10:58:36