Published: 24/11/2012 Updated: 11/10/2013

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.0.0
xen xen 4.1.0

Debian Bug report logs - #683279 CVE-2012-3432 Package: xen; Maintainer for xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Mon, 30 Jul 2012 13:27:02 UTC Severity: important Tags: security Fixed in versions xen/401-53, xen/413-1 ...

CWE-399 http://www.openwall.com/lists/oss-security/2012/08/09/3 http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html http://www.securityfocus.com/bid/54942 http://www.debian.org/security/2012/dsa-2531 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683279 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-3433

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect