PT-2012-5466 · Xen+2 · Xen+2

Publicado

2012-11-21

Atualizado

2024-06-15

CVE-2012-4535

CVSS v2.0

1.9

Baixa

Vetor

AV:L/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Xen versions 3.4 through 4.2 Xen versions prior to 3.4

Description The issue allows local guest OS administrators to cause a denial of service by setting a VCPU with an "inappropriate deadline", resulting in a Xen infinite loop and physical CPU consumption.

Recommendations For Xen versions 3.4 through 4.2, consider restricting VCPU settings to prevent the denial of service. For Xen versions prior to 3.4, consider upgrading to a version where this issue is addressed, or apply configuration changes to limit the impact of the issue. As a temporary workaround, consider disabling VCPU settings until a patch is available.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2012-4535

DSA-2582-1

OPENSUSE-SU-2012_1572-1

OPENSUSE-SU-2012_1573-1

OPENSUSE-SU-2024:10196-1

RHSA-2012:1540

RHSA-2012_1540

SUSE-SU-2014_0470-1

Produtos afetados

Red Hat

Suse

Xen

PT-2012-5466 · Xen+2 · Xen+2

CVE-2012-4535

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 238