Lucene search

K

Ubuntu.comUB:CVE-2012-4536

HistoryNov 21, 2012 - 12:00 a.m.

CVE-2012-4536

2012-11-2100:00:00

ubuntu.com

ubuntu.com

8

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

27.3%

The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen
2.2 allows local guest OS administrators to cause a denial of service (Xen
crash) via a crafted pirq value that triggers an out-of-bounds read.

Notes

Author	Note
mdeslaur	only xen 4.1 is vulnerable

OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchxen< 4.1.1-2ubuntu4.3UNKNOWN
ubuntu12.04noarchxen< 4.1.2-2ubuntu2.3UNKNOWN
ubuntu12.10noarchxen< 4.1.3-3ubuntu1.1UNKNOWN

References

lists.xen.org/archives/html/xen-announce/2012-11/msg00003.html

osvdb.org/87297

www.openwall.com/lists/oss-security/2012/11/13/2

www.securitytracker.com/id?1027760

xforce.iss.net/xforce/xfdb/80023

launchpad.net/bugs/cve/CVE-2012-4536

nvd.nist.gov/vuln/detail/CVE-2012-4536

security-tracker.debian.org/tracker/CVE-2012-4536

www.cve.org/CVERecord?id=CVE-2012-4536

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

27.3%

Related for UB:CVE-2012-4536

debiancve1 prion1 cve1 nessus12 openvas41 suse5 fedora16 gentoo2