CVE-2012-3496: XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest…

medium4.7CVSS 3.1

AVLACMAuNCNINAC

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.

Affected

16 ranges

Vendor	Product	Version range	Fixed in
citrix	citrix_adm	—	—
citrix	citrix_hypervisor	—	—
citrix	citrix_virtual_apps_and_desktops	—	—
citrix	endpoint_management	—	—
citrix	netscaler_adc	—	—
citrix	netscaler_gateway	—	—
citrix	xenserver	<= 6.0.2	—
citrix	xenserver	—	—
debian	xen	< xen 4.1.3-2 (bookworm)	xen 4.1.3-2 (bookworm)
xen	xen	—	—
xen	xen	—	—
xen	xen	—	—
xen	xen	>= 0 < 4.1.3-2	4.1.3-2
xen	xen	>= 0 < 4.1.3-2	4.1.3-2
xen	xen	>= 0 < 4.1.3-2	4.1.3-2
xen	xen	>= 0 < 4.1.3-2	4.1.3-2

CVSS provenance

nvd4.7MEDIUMAV:L/AC:M/Au:N/C:N/I:N/A:C

osv4.7MEDIUM