6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.1%
The do_tmem_control function in the Transcendent Memory (TMEM) in Xen 4.0,
4.1, and 4.2 does not properly check privileges, which allows local guest
OS users to access control stack operations via unspecified vectors. NOTE:
this issue was originally published as part of CVE-2012-3497, which was too
general; CVE-2012-3497 has been SPLIT into this ID and others.
Author | Note |
---|---|
seth-arnold | Xen team strongly recommends against TMEM use |
mdeslaur | only 4.0 and higher ONLY installations where “tmem” is specified on the hypervisor command line are vulnerable. Most Xen installations do not do so. upstream says: “TMEM has been described by its maintainers as a technology preview, and is therefore not supported by them for use in production systems. Pending a full security audit of the code, the Xen.org security team recommends that Xen users do not enable TMEM.” We will not be fixing this in Ubuntu. Marking as “ignored” |
lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html
osvdb.org/85199
secunia.com/advisories/50472
wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities
www.openwall.com/lists/oss-security/2012/09/05/8
www.securitytracker.com/id?1027482
xforce.iss.net/xforce/xfdb/78268
launchpad.net/bugs/cve/CVE-2012-6033
nvd.nist.gov/vuln/detail/CVE-2012-6033
security-tracker.debian.org/tracker/CVE-2012-6033
www.cve.org/CVERecord?id=CVE-2012-6033