CVE-2012-3495

EPSS 0.08%
Published 23.11.2012 20:55:03
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 19

Data is provided by the National Vulnerability Database (NVD)

Citrix ≫ Xenserver Version <= 6.0.2

Citrix ≫ Xenserver Version5.0

Citrix ≫ Xenserver Version5.5

Citrix ≫ Xenserver Version5.6

Citrix ≫ Xenserver Version5.6 Updatefp1

Citrix ≫ Xenserver Version5.6 Updatesp2

Citrix ≫ Xenserver Version6.0

Xen ≫ Xen Version4.1.0

Xen ≫ Xen Version4.1.1

Xen ≫ Xen Version4.1.2

Xen ≫ Xen Version4.1.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.208

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.1	3.9	8.5	AV:L/AC:L/Au:N/C:P/I:P/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html

http://secunia.com/advisories/51413

http://secunia.com/advisories/55082

http://security.gentoo.org/glsa/glsa-201309-24.xml

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html

https://security.gentoo.org/glsa/201604-03

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html

http://support.citrix.com/article/CTX134708

http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html

http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability