Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6032

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2012-6032
Last Modified 10 Oct 2013 11:47:46
Published 23 Nov 2012 03:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-6032

Summary

Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh_copy_to_client functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (memory corruption and host crash) via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.

Vulnerable Systems

Operating System

  • Xen 4.0.0

  • Xen 4.1.0

  • Xen 4.2.0


References

XF - xen-tmem-priv-esc(78268)

SECTRACK - 1027482

BID - 55410

MLIST - [oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

CONFIRM - http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities

SECUNIA - 50472

OSVDB - 85199

MLIST - [Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

GENTOO - GLSA-201309-24

SECUNIA - 55082


Last Updated: 27 May 2016 10:58:30