Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-5514HistoryDec 13, 2012 - 11:53 a.m.
CVE-2012-5514
2012-12-1311:53:00
Debian Security Bug Tracker
security-tracker.debian.org
12
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
27.3%
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | <Â 4.1.3-6 | xen_4.1.3-6_all.deb |
| Debian | 11 | all | xen | <Â 4.1.3-6 | xen_4.1.3-6_all.deb |
| Debian | 10 | all | xen | <Â 4.1.3-6 | xen_4.1.3-6_all.deb |
| Debian | 999 | all | xen | <Â 4.1.3-6 | xen_4.1.3-6_all.deb |
| Debian | 13 | all | xen | <Â 4.1.3-6 | xen_4.1.3-6_all.deb |
Related
ubuntucve
ubuntucve
CVE-2012-5514
2012-12-13 00:00:00
cve
cve
CVE-2012-5514
2012-12-13 11:53:00
xen
xen
Broken error handling in guest_physmap_mark_populate_on_demand()
2012-12-03 17:51:00
prion
prion
Command injection
2012-12-13 11:53:00
nessus
nessus
OracleVM 2.2 : xen (OVMSA-2012-0058)
2014-11-26 00:00:00
OracleVM 3.0 : xen (OVMSA-2012-0056)
2014-11-26 00:00:00
Fedora 18 : xen-4.2.0-6.fc18 (2012-19652)
2012-12-12 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: xen-4.2.0-6.fc18
2012-12-12 00:16:38
[SECURITY] Fedora 17 Update: xen-4.1.4-2.fc17
2013-01-23 01:28:58
[SECURITY] Fedora 17 Update: xen-4.1.3-7.fc17
2012-12-13 06:01:07
suse
suse
xen to fix various denial of service issues (important)
2013-01-23 14:05:00
xen to fix various denial of service issues (important)
2012-12-23 20:16:24
Security update for Xen (important)
2012-12-06 17:08:57
securityvulns
securityvulns
[SECURITY] [DSA 2582-1] xen security update
2012-12-09 00:00:00
xen multiple security vulnerabilities
2012-12-09 00:00:00
osv
osv
xen - denial of service
2012-12-07 00:00:00
openvas
openvas
SuSE Update for xen openSUSE-SU-2012:1687-1 (xen)
2013-03-11 00:00:00
Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)
2013-09-18 00:00:00
openSUSE: Security Advisory for xen (openSUSE-SU-2012:1687-1)
2013-03-11 00:00:00
debian
debian
[SECURITY] [DSA 2582-1] xen security update
2012-12-07 15:40:44
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
27.3%
Related for DEBIANCVE:CVE-2012-5514