CVE 2012-4537
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."
Related bugs and status
CVE-2012-4537 (Candidate) is related to these bugs:
Bug #1086801: xen: security advisories 20-25
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1086801 | xen: security advisories 20-25 | xen (Ubuntu) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Raring) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Quantal) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Oneiric) | Medium | Fix Released |
Bug #1086875: xen: security advisories 26-32
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1086875 | xen: security advisories 26-32 | xen (Ubuntu) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Raring) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Quantal) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Oneiric) | Medium | Fix Released |
Bug #1176209: Import problem caused by duplicate message ID
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu) | Low | Invalid | ||
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu Precise) | Low | Fix Released | ||
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu Quantal) | Low | Fix Released |
Bug #1180396: Xen stable update to 4.1.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu) | Low | Invalid | ||
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu Quantal) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.