Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-5525HistoryDec 13, 2012 - 11:53 a.m.
CVE-2012-5525
2012-12-1311:53:49
Debian Security Bug Tracker
security-tracker.debian.org
13
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
55.1%
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.17.3+10-g091466ba55-1~deb12u1 | xen_4.17.3+10-g091466ba55-1~deb12u1_all.deb |
| Debian | 11 | all | xen | < 4.14.6-1 | xen_4.14.6-1_all.deb |
| Debian | 999 | all | xen | < 4.17.3+36-g54dacb5c02-1 | xen_4.17.3+36-g54dacb5c02-1_all.deb |
| Debian | 13 | all | xen | < 4.17.3+36-g54dacb5c02-1 | xen_4.17.3+36-g54dacb5c02-1_all.deb |
Related
cvelist
cvelist
CVE-2012-5525
2012-12-13 11:00:00
ubuntucve
ubuntucve
CVE-2012-5525
2012-12-13 00:00:00
nvd
nvd
CVE-2012-5525
2012-12-13 11:53:49
cve
cve
CVE-2012-5525
2012-12-13 11:53:49
xen
xen
several hypercalls do not validate input GFNs
2012-12-03 17:51:00
prion
prion
Buffer overflow
2012-12-13 11:53:00
fedora
fedora
[SECURITY] Fedora 18 Update: xen-4.2.0-6.fc18
2012-12-12 00:16:38
nessus
nessus
Fedora 18 : xen-4.2.0-6.fc18 (2012-19652)
2012-12-12 00:00:00
GLSA-201309-24 : Xen: Multiple vulnerabilities
2013-09-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201309-24
2015-09-29 00:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
55.1%
Related for DEBIANCVE:CVE-2012-5525