CVE-2012-5525
published 2012-12-13
CVE-2012-5525: The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that…
Priority P420 medium 4.7 CVSS 2.0
AV:L/AC:M/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 1.60% (72.8th percentile)
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xen | — | — |
| xen | xen | — | — |
CVSS provenance
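| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.7 | MEDIUM | AV:L/AC:M/Au:N/C:N/I:N/A:C |
| vendor_debian | — | 4.7 | LOW | — |
| vendor_redhat | — | 4.7 | MEDIUM | — |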
GHSA
GHSA-wrrw-3jqq-qcvc: The get_page_from_gfn hypercall function in Xen 4
ghsa_unreviewed·2022-05-17
CVE-2012-5525 [MEDIUM] GHSA-wrrw-3jqq-qcvc: The get_page_from_gfn hypercall function in Xen 4
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
Red Hat
kernel: xen: several hypercalls do not validate input GFNs
vendor_redhat·2012-12-03·CVSS 4.7
CVE-2012-5525 [MEDIUM] kernel: xen: several hypercalls do not validate input GFNs
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
Statement: Not vulnerable.
This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.
This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as we did not have support for Xen hypervisor.
Package: kernel-xen (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2012-5525: xen - The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS adm...
vendor_debian·2012·CVSS 4.7
CVE-2012-5525 [MEDIUM] CVE-2012-5525: xen - The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS adm...
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
Bugzilla
CVE-2012-5525 kernel: xen: several hypercalls do not validate input GFNs [fedora-all]
bugzilla·2012-12-03·CVSS 4.7
CVE-2012-5525 [MEDIUM] CVE-2012-5525 kernel: xen: several hypercalls do not validate input GFNs [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this i
Bugzilla
CVE-2012-5525 kernel: xen: several hypercalls do not validate input GFNs
bugzilla·2012-11-16·CVSS 4.7
CVE-2012-5525 [MEDIUM] CVE-2012-5525 kernel: xen: several hypercalls do not validate input GFNs
The function get_page_from_gfn does not validate its input GFN. An
invalid GFN passed to a hypercall which uses this function will cause
the hypervisor to read off the end of the frame table and potentially
crash.
A malicious PV guest administrator can cause Xen to crash.
If the out of bounds access does not lead to a crash, a carefully
crafted privilege escalation cannot be excluded, even though the guest
doesn't itself control the values written.
Acknowledgements:
Red Hat would like to thank the Xen project for reporting this issue.
Discussion:
Statement:
Not vulnerable.
This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.
This issue did not affect Red
http://secunia.com/advisories/51397
http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://www.openwall.com/lists/oss-security/2012/12/03/6
http://www.osvdb.org/88133
http://www.securityfocus.com/bid/56805
https://exchange.xforce.ibmcloud.com/vulnerabilities/80480
Published: 2012-12-13