Lucene search

PRIOn knowledge basePRION:CVE-2012-3432

HistoryDec 03, 2012 - 9:55 p.m.

Design/Logic Flaw

2012-12-0321:55:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

45.0%

JSON

The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.

CPENameOperatorVersion
xeneq4.0.4
xeneq4.0.2
xeneq4.1.2
xeneq4.0.0
xeneq4.1.1
xeneq4.2.0
xeneq4.1.0
xeneq4.1.3
xeneq3.3.0
xeneq4.0.1

Name	Operator	Version
xen	eq	4.0.4
xen	eq	4.0.2
xen	eq	4.1.2
xen	eq	4.0.0
xen	eq	4.1.1
xen	eq	4.2.0
xen	eq	4.1.0
xen	eq	4.1.3
xen	eq	3.3.0
xen	eq	4.0.1

Rows per page:

1-10 of 111

References

lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html

lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html

lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

www.debian.org/security/2012/dsa-2531

www.securityfocus.com/bid/54691

6.6 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

45.0%

JSON

Related for PRION:CVE-2012-3432