Lucene search
Ubuntu.comUB:CVE-2012-5525HistoryDec 13, 2012 - 12:00 a.m.
CVE-2012-5525
2012-12-1300:00:00
ubuntu.com
ubuntu.com
10
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
55.1%
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest
OS administrators to cause a denial of service (crash) via a crafted GFN
that triggers a buffer over-read.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | xen 4.1 and earlier are not affected |
Related
cve
cve
CVE-2012-5525
2012-12-13 11:53:49
xen
xen
several hypercalls do not validate input GFNs
2012-12-03 17:51:00
prion
prion
Buffer overflow
2012-12-13 11:53:00
cvelist
cvelist
CVE-2012-5525
2012-12-13 11:00:00
nvd
nvd
CVE-2012-5525
2012-12-13 11:53:49
debiancve
debiancve
CVE-2012-5525
2012-12-13 11:53:49
fedora
fedora
[SECURITY] Fedora 18 Update: xen-4.2.0-6.fc18
2012-12-12 00:16:38
nessus
nessus
Fedora 18 : xen-4.2.0-6.fc18 (2012-19652)
2012-12-12 00:00:00
GLSA-201309-24 : Xen: Multiple vulnerabilities
2013-09-28 00:00:00
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201309-24
2015-09-29 00:00:00
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
55.1%
Related for UB:CVE-2012-5525