| ID |
CVE-2012-2934
|
| Summary |
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 1.9 (as of 05-05-2014 - 05:11) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:M/Au:N/C:N/I:N/A:P
|
| redhat
via4
|
| advisories | | bugzilla | | id | 824966 | | title | CVE-2012-2934 kernel: denial of service due to AMD Erratum #121 |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 5 is installed | | oval | oval:com.redhat.rhba:tst:20070331005 |
| OR | | comment | kernel earlier than 0:2.6.18-308.8.2.el5 is currently running | | oval | oval:com.redhat.rhsa:tst:20120721025 |
| comment | kernel earlier than 0:2.6.18-308.8.2.el5 is set to boot up on next boot | | oval | oval:com.redhat.rhsa:tst:20120721026 |
|
| OR | | AND | | comment | kernel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721001 |
| comment | kernel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314002 |
|
| AND | | comment | kernel-PAE is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721003 |
| comment | kernel-PAE is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314004 |
|
| AND | | comment | kernel-PAE-devel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721005 |
| comment | kernel-PAE-devel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314006 |
|
| AND | | comment | kernel-debug is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721007 |
| comment | kernel-debug is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314008 |
|
| AND | | comment | kernel-debug-devel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721009 |
| comment | kernel-debug-devel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314010 |
|
| AND | | comment | kernel-devel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721011 |
| comment | kernel-devel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314012 |
|
| AND | | comment | kernel-doc is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721013 |
| comment | kernel-doc is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314014 |
|
| AND | | comment | kernel-headers is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721015 |
| comment | kernel-headers is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314016 |
|
| AND | | comment | kernel-kdump is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721017 |
| comment | kernel-kdump is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314018 |
|
| AND | | comment | kernel-kdump-devel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721019 |
| comment | kernel-kdump-devel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314020 |
|
| AND | | comment | kernel-xen is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721021 |
| comment | kernel-xen is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314022 |
|
| AND | | comment | kernel-xen-devel is earlier than 0:2.6.18-308.8.2.el5 | | oval | oval:com.redhat.rhsa:tst:20120721023 |
| comment | kernel-xen-devel is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhba:tst:20080314024 |
|
|
|
|
| | rhsa | | id | RHSA-2012:0721 | | released | 2012-06-12 | | severity | Important | | title | RHSA-2012:0721: kernel security update (Important) |
|
| | rpms | - kernel-0:2.6.18-308.8.2.el5
- kernel-PAE-0:2.6.18-308.8.2.el5
- kernel-PAE-debuginfo-0:2.6.18-308.8.2.el5
- kernel-PAE-devel-0:2.6.18-308.8.2.el5
- kernel-debug-0:2.6.18-308.8.2.el5
- kernel-debug-debuginfo-0:2.6.18-308.8.2.el5
- kernel-debug-devel-0:2.6.18-308.8.2.el5
- kernel-debuginfo-0:2.6.18-308.8.2.el5
- kernel-debuginfo-common-0:2.6.18-308.8.2.el5
- kernel-devel-0:2.6.18-308.8.2.el5
- kernel-doc-0:2.6.18-308.8.2.el5
- kernel-headers-0:2.6.18-308.8.2.el5
- kernel-kdump-0:2.6.18-308.8.2.el5
- kernel-kdump-debuginfo-0:2.6.18-308.8.2.el5
- kernel-kdump-devel-0:2.6.18-308.8.2.el5
- kernel-xen-0:2.6.18-308.8.2.el5
- kernel-xen-debuginfo-0:2.6.18-308.8.2.el5
- kernel-xen-devel-0:2.6.18-308.8.2.el5
|
|
| refmap
via4
|
| bid | 53961 | | debian | DSA-2501 | | gentoo | GLSA-201309-24 | | misc | http://support.amd.com/us/Processor_TechDocs/25759.pdf | | mlist | [Xen-announce] 20120612 [Xen-announce] Xen Security Advisory 9 (CVE-2012-2934) - PV guest host DoS (AMD erratum #121) | | secunia | | | suse | - openSUSE-SU-2012:1572
- openSUSE-SU-2012:1573
|
|
| Last major update |
05-05-2014 - 05:11 |
| Published |
03-12-2012 - 21:55 |
| Last modified |
05-05-2014 - 05:11 |
