CVE-2012-5512 — Citrix Xenserver vulnerability

CWE-168 documents7 sources

Severity

3.2LOWNVD

EPSS

0.1%

top 75.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Citrix Xenserver

Timeline

PublishedDec 13

Latest updateMay 17

Description

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.

CVSS vector

AV:L/AC:L/C:P/I:N/A:PExploitability: 3.1 | Impact: 4.9

Affected Packages2 packages

▶Debianxen/xen< 4.1.3-5+3

▶NVDcitrix/xenserver4.1.0

Patches

Patch: support.citrix.com ↗Patch: support.citrix.com ↗

🔴Vulnerability Details

GHSA

GHSA-2ccw-9fqf-xvp4: Array index error in the HVMOP_set_mem_access handler in Xen 4↗2022-05-17

▶

OSV

CVE-2012-5512: Array index error in the HVMOP_set_mem_access handler in Xen 4↗2012-12-13

▶

CVEList

CVE-2012-5512: Array index error in the HVMOP_set_mem_access handler in Xen 4↗2012-12-13

▶

📋Vendor Advisories

Red Hat

kernel: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak↗2012-12-03

▶

Debian

CVE-2012-5512: xen - Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HV...↗2012

▶

💬Community

Bugzilla

CVE-2012-5512 kernel: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak [fedora-all]↗2012-12-03

▶

Bugzilla

CVE-2012-5512 kernel: xen: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak↗2012-11-16

▶