CVE - CVE-2012-4537

CVE-ID
CVE-2012-4537	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:56498 URL:http://www.securityfocus.com/bid/56498 DEBIAN:DSA-2582 URL:http://www.debian.org/security/2012/dsa-2582 GENTOO:GLSA-201309-24 URL:http://security.gentoo.org/glsa/glsa-201309-24.xml GENTOO:GLSA-201604-03 URL:https://security.gentoo.org/glsa/201604-03 MLIST:[Xen-announce] 20121113 Xen Security Advisory 22 (CVE-2012-4537) - Memory mapping failure DoS vulnerability URL:http://lists.xen.org/archives/html/xen-announce/2012-11/msg00005.html MLIST:[oss-security] 20121113 Xen Security Advisory 22 (CVE-2012-4537) - Memory mapping failure DoS vulnerability URL:http://www.openwall.com/lists/oss-security/2012/11/13/6 OSVDB:87307 URL:http://osvdb.org/87307 REDHAT:RHSA-2012:1540 URL:http://rhn.redhat.com/errata/RHSA-2012-1540.html SECTRACK:1027761 URL:http://www.securitytracker.com/id?1027761 SECUNIA:51200 URL:http://secunia.com/advisories/51200 SECUNIA:51324 URL:http://secunia.com/advisories/51324 SECUNIA:51352 URL:http://secunia.com/advisories/51352 SECUNIA:51413 URL:http://secunia.com/advisories/51413 SECUNIA:51468 URL:http://secunia.com/advisories/51468 SECUNIA:55082 URL:http://secunia.com/advisories/55082 SUSE:SUSE-SU-2012:1486 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html SUSE:SUSE-SU-2012:1487 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html SUSE:SUSE-SU-2012:1615 URL:http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html SUSE:SUSE-SU-2014:0446 URL:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html SUSE:SUSE-SU-2014:0470 URL:http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html SUSE:openSUSE-SU-2012:1572 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html SUSE:openSUSE-SU-2012:1573 URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html XF:xen-setp2mentry-dos(80024) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/80024
Assigning CNA
Red Hat, Inc.
Date Entry Created
20120821	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120821)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)