CVE - CVE-2012-3496

CVE-ID
CVE-2012-3496	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:55412 URL:http://www.securityfocus.com/bid/55412 CONFIRM:http://support.citrix.com/article/CTX134708 CONFIRM:http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability DEBIAN:DSA-2544 URL:http://www.debian.org/security/2012/dsa-2544 GENTOO:GLSA-201309-24 URL:http://security.gentoo.org/glsa/glsa-201309-24.xml GENTOO:GLSA-201604-03 URL:https://security.gentoo.org/glsa/201604-03 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=854590 MLIST:[Xen-announce] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability URL:http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html MLIST:[oss-security] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability URL:http://www.openwall.com/lists/oss-security/2012/09/05/7 OSVDB:85200 URL:http://www.osvdb.org/85200 SECTRACK:1027481 URL:http://securitytracker.com/id?1027481 SECUNIA:50472 URL:http://secunia.com/advisories/50472 SECUNIA:50530 URL:http://secunia.com/advisories/50530 SECUNIA:51413 URL:http://secunia.com/advisories/51413 SECUNIA:55082 URL:http://secunia.com/advisories/55082 SUSE:SUSE-SU-2012:1132 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html SUSE:SUSE-SU-2012:1133 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html SUSE:SUSE-SU-2012:1162 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html SUSE:openSUSE-SU-2012:1172 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html SUSE:openSUSE-SU-2012:1174 URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html SUSE:openSUSE-SU-2012:1572 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SUSE:openSUSE-SU-2012:1573 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html XF:xen-xenmempopulatephysmap-dos(78267) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/78267
Assigning CNA
Red Hat, Inc.
Date Entry Created
20120614	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120614)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)