CVE - CVE-2012-3516

CVE-ID
CVE-2012-3516	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20120905 Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking URL:http://www.openwall.com/lists/oss-security/2012/09/05/11 CONFIRM:http://support.citrix.com/article/CTX134708 CONFIRM:http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking SUSE:SUSE-SU-2012:1133 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html BID:55411 URL:http://www.securityfocus.com/bid/55411 SECUNIA:50472 URL:http://secunia.com/advisories/50472 SECUNIA:50530 URL:http://secunia.com/advisories/50530
Assigning CNA
N/A
Date Entry Created
20120614	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120614)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org