CVE-2012-5513
published 2012-12-13


Priority: P4 · 26 · medium · 6.9 (CVSS 2.0)
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploit EPSS: 0.41% (32.4th percentile)
The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.

Affected

32 ranges · showing 25

Vendor | Product | Version range | Fixed in
debian | xen | < xen 4.1.3-5 (bookworm) | xen 4.1.3-5 (bookworm)
xen | xen | <= 4.2.0 |
xen | xen | (23 further rows, no version range shown) |

CVSS provenance

Source | CVSS version | Score | Severity | Vector
nvd | v2.0 | 6.9 | MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C
osv | | 6.9 | MEDIUM |
vendor_debian | | 6.9 | MEDIUM |
vendor_redhat | | 6.9 | MEDIUM |