Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6030

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2012-6030
Last Modified 10 Oct 2013 11:47:45
Published 23 Nov 2012 03:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-6030

Summary

The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.

Vulnerable Systems

Operating System

  • Xen 4.0.0

  • Xen 4.1.0

  • Xen 4.2.0


References

XF - xen-tmem-priv-esc(78268)

SECTRACK - 1027482

BID - 55410

MLIST - [oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

CONFIRM - http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities

SECUNIA - 50472

OSVDB - 85199

MLIST - [Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

GENTOO - GLSA-201309-24

SECUNIA - 55082


Last Updated: 27 May 2016 10:58:30