Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-5525

The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.

Related bugs and status

CVE-2012-5525 (Candidate) is related to these bugs:

Bug #1086875: xen: security advisories 26-32

		In	Importance	Status
1086875	xen: security advisories 26-32	xen (Ubuntu)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Raring)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Quantal)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Precise)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Oneiric)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.osvdb.org/8...
MISC: http://security.gentoo...
MISC: http://www.openwall.co...
MISC: https://exchange.xforc...