PT-2012-4760 · Citrix+2 · Xenserver+2

Matthew Daley

Published

2012-09-14

Updated

2017-07-01

CVE-2012-3495

CVSS v2.0

6.1

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions Xen versions 4.1.x Citrix XenServer version 6.0.2 and earlier

Description The issue allows guest OS users to cause a denial of service and possibly gain privileges via unspecified vectors. This is due to the physdev get free pirq hypercall in arch/x86/physdev.c using the return value of the get free pirq function as an array index without checking for error indications, leading to an invalid memory write and host crash.

Recommendations For Xen versions 4.1.x, update to a version that includes a fix for this issue. For Citrix XenServer version 6.0.2 and earlier, update to a version that includes a fix for this issue.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2012-3495

OPENSUSE-SU-2012_1172-1

OPENSUSE-SU-2012_1572-1

OPENSUSE-SU-2012_1573-1

Affected Products

Suse

Xen

Xenserver

PT-2012-4760 · Citrix+2 · Xenserver+2

CVE-2012-3495

Weakness Enumeration

Related Identifiers

Affected Products

References · 68