CVE-2012-5510

CVSSv4: NA | CVSSv3: NA | CVSSv2: 4.7 | VMScore: 570 | EPSS: 0.00092 | KEV: Not Included

Published: 13/12/2012 Updated: 21/11/2024

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.0.0
xen xen 4.0.1
xen xen 4.0.2
xen xen 4.0.3
xen xen 4.0.4
xen xen 4.1.0
xen xen 4.1.1
xen xen 4.1.2
xen xen 4.1.3
xen xen 4.2.0

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor One of the issue (CVE-2012-5513) could even lead to privilege escalation from guest to host Some of the recently published Xen Security Advisories (XSA 25 and 28) are not fixed by this update and should be fixed in a future release CVE-2011-3131 (XSA 5): DoS ...

NVD-CWE-Other https://nvd.nist.gov https://www.debian.org/security/./dsa-2582 https://www.first.org/epss http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html http://secunia.com/advisories/51397 http://secunia.com/advisories/51468 http://secunia.com/advisories/51486 http://secunia.com/advisories/51487 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://support.citrix.com/article/CTX135777 http://www.debian.org/security/2012/dsa-2582 http://www.openwall.com/lists/oss-security/2012/12/03/6 http://www.osvdb.org/88128 http://www.securityfocus.com/bid/56794 https://exchange.xforce.ibmcloud.com/vulnerabilities/80478 http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html http://secunia.com/advisories/51397 http://secunia.com/advisories/51468 http://secunia.com/advisories/51486 http://secunia.com/advisories/51487 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://support.citrix.com/article/CTX135777 http://www.debian.org/security/2012/dsa-2582 http://www.openwall.com/lists/oss-security/2012/12/03/6 http://www.osvdb.org/88128 http://www.securityfocus.com/bid/56794 https://exchange.xforce.ibmcloud.com/vulnerabilities/80478

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook