Xen MMIO Emulation Flaw Lets Local Guest Users Deny Service on the Guest Operating System
|
|
SecurityTracker Alert ID: 1027313 |
|
SecurityTracker URL: http://securitytracker.com/id/1027313
|
|
CVE Reference:
CVE-2012-3432
(Links to External Site)
|
Updated: Sep 6 2012
|
Original Entry Date: Jul 26 2012
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in Xen. A local user on the guest operating system can cause denial of service conditions on the guest system.
A local user on the guest operating system can run code that has privileges to access MMIO regions can trigger a flaw in MMIO emulation to cause the guest operating system to crash.
All versions that support HVM guests are affected.
|
Impact:
A local user on the guest operating system can cause denial of service conditions on the target guest operating system.
|
Solution:
The vendor has issued a patch (xsa10-4.x.patch).
|
Vendor URL: www.xen.org/ (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
