Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-3495
HistoryNov 23, 2012 - 12:00 a.m.

CVE-2012-3495

2012-11-2300:00:00
ubuntu.com
ubuntu.com
8

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.001 Low

EPSS

Percentile

27.1%

JSON

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and
Citrix XenServer 6.0.2 and earlier uses the return value of the
get_free_pirq function as an array index without checking that the return
value indicates an error, which allows guest OS users to cause a denial of
service (invalid memory write and host crash) and possibly gain privileges
via unspecified vectors.

Bugs

Notes

Author Note
mdeslaur This is XSA-13 only affects 4.1
OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchxen< 4.1.1-2ubuntu4.4UNKNOWN
ubuntu12.04noarchxen< 4.1.2-2ubuntu2.4UNKNOWN

Related

debiancve 1
prion 1
seebug 1
cve 1
nessus 11
suse 5
openvas 50
fedora 20
gentoo 2
debiancve
debiancve
CVE-2012-3495
2012-11-23 20:55:00
prion
prion
Design/Logic Flaw
2012-11-23 20:55:00
seebug
seebug
XenSource Xen 'physdev_get_free_pirq'拒绝服务漏洞
2012-09-09 00:00:00
cve
cve
CVE-2012-3495
2012-11-23 20:55:00
nessus
nessus
OracleVM 3.1 : xen (OVMSA-2012-0039)
2014-11-26 00:00:00
SuSE 11.2 Security Update : Xen (SAT Patch Number 6748)
2013-01-25 00:00:00
SuSE 11.2 Security Update : Xen (SAT Patch Number 6748)
2013-01-25 00:00:00
suse
suse
Security update for Xen (important)
2012-09-07 15:08:36
Security update for Xen (important)
2012-09-07 16:08:25
Security Update for Xen (important)
2012-09-14 14:09:32
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1132-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1133-1)
2021-06-09 00:00:00
SuSE Update for Security openSUSE-SU-2012:1172-1 (Security)
2012-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: xen-4.1.3-4.fc17
2012-09-17 17:45:19
[SECURITY] Fedora 16 Update: xen-4.1.3-2.fc16
2012-09-17 18:00:53
[SECURITY] Fedora 17 Update: xen-4.1.3-5.fc17
2012-11-09 18:01:40
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
Xen: Multiple vulnerabilities
2013-09-27 00:00:00

6.1 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:P/A:C

0.001 Low

EPSS

Percentile

27.1%

JSON
Related for UB:CVE-2012-3495
debiancve1prion1seebug1cve1nessus11suse5openvas50fedora20gentoo2