Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-6035
HistoryNov 23, 2012 - 12:00 a.m.

CVE-2012-6035

2012-11-2300:00:00
ubuntu.com
ubuntu.com
6

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

42.1%

The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen
4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local
guest OS users to cause a denial of service (memory corruption and host
crash) or execute arbitrary code via unspecified vectors. NOTE: this issue
was originally published as part of CVE-2012-3497, which was too general;
CVE-2012-3497 has been SPLIT into this ID and others.

Notes

Author Note
seth-arnold Xen team strongly recommends against TMEM use
mdeslaur only 4.0 and higher ONLY installations where “tmem” is specified on the hypervisor command line are vulnerable. Most Xen installations do not do so. upstream says: “TMEM has been described by its maintainers as a technology preview, and is therefore not supported by them for use in production systems. Pending a full security audit of the code, the Xen.org security team recommends that Xen users do not enable TMEM.” We will not be fixing this in Ubuntu. Marking as “ignored”

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

42.1%