CVE - CVE-2012-6036

CVE-ID
CVE-2012-6036	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities URL:http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html MLIST:[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities URL:http://www.openwall.com/lists/oss-security/2012/09/05/8 CONFIRM:http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities GENTOO:GLSA-201309-24 URL:http://security.gentoo.org/glsa/glsa-201309-24.xml GENTOO:GLSA-201604-03 URL:https://security.gentoo.org/glsa/201604-03 BID:55410 URL:http://www.securityfocus.com/bid/55410 OSVDB:85199 URL:http://osvdb.org/85199 SECTRACK:1027482 URL:http://www.securitytracker.com/id?1027482 SECUNIA:50472 URL:http://secunia.com/advisories/50472 SECUNIA:55082 URL:http://secunia.com/advisories/55082 XF:xen-tmem-priv-esc(78268) URL:http://xforce.iss.net/xforce/xfdb/78268 XF:xen-memcsavegetnextpage-code-exec(80326) URL:http://xforce.iss.net/xforce/xfdb/80326
Date Entry Created
20121123	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20121123)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org

Common Vulnerabilities and Exposures

CVE-2012-6036