CVE 2012-5513
The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
Related bugs and status
CVE-2012-5513 (Candidate) is related to these bugs:
Bug #1086801: xen: security advisories 20-25
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1086801 | xen: security advisories 20-25 | xen (Ubuntu) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Raring) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Quantal) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1086801 | xen: security advisories 20-25 | xen (Ubuntu Oneiric) | Medium | Fix Released |
Bug #1086875: xen: security advisories 26-32
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1086875 | xen: security advisories 26-32 | xen (Ubuntu) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Raring) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Quantal) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1086875 | xen: security advisories 26-32 | xen (Ubuntu Oneiric) | Medium | Fix Released |
Bug #1176209: Import problem caused by duplicate message ID
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu) | Low | Invalid | ||
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu Precise) | Low | Fix Released | ||
1176209 | Import problem caused by duplicate message ID | xen (Ubuntu Quantal) | Low | Fix Released |
Bug #1180396: Xen stable update to 4.1.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu) | Low | Invalid | ||
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu Precise) | Medium | Fix Released | ||
1180396 | Xen stable update to 4.1.5 | xen (Ubuntu Quantal) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.