ID CVE-2012-5525
Summary The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
References
Vulnerable Configurations
  • cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
CVSS
Base: 4.7 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
Vector: LOCAL
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:C
refmap via4
bid 56805
gentoo GLSA-201309-24
mlist [oss-security] 20121203 Xen Security Advisory 26 (CVE-2012-5510) - Grant table version switch list corruption vulnerability
osvdb 88133
secunia
  • 51397
  • 55082
xf xen-getpagefromgfn-dos(80480)
Last major update 29-08-2017 - 01:32
Published 13-12-2012 - 11:53