CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6033 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-6033
23 Nov 2012 — The do_tmem_control function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly check privileges, which allows local guest OS users to access control stack operations via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_control en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no comprueba correctamente los privilegios, lo que permite a lo... • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6034 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-6034
23 Nov 2012 — The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into... • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6035 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-6035
23 Nov 2012 — The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_destroy_pool en la Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4... • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6036 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-6036
23 Nov 2012 — The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. Las funcion... • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2012-3494 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3494
23 Nov 2012 — The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register. La hiperllamada et_debugreg en include/asm-x86/debugreg.h en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando se ejecuta sobre systemas x86-64, permite a usuarios locales del SO invitado generar una... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2012-3495 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3495
23 Nov 2012 — The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors. La hypercall physdev_get_free_pirq en arch/x86/physdev.c en Xen v4.1.x y Citrix XenServer v6.0.2 y anteriores utiliza el val... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3496 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3496
23 Nov 2012 — XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand. XENMEM_populate_physmap en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando el modo de traducción de página no se utiliza, permite a los kernels locales PV del SO invitado causar una denegación de servicio (caída d... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-16: Configuration •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3497 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3497
23 Nov 2012 — (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id. (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS y (4) TMEMC_SAVE_END en el Transcendent Memory (TMEM... • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3498 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3498
23 Nov 2012 — PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. PHYSDEVOP_map_pirq en Xen v4.1 y v4.2 y Citrix XenServer v6.0.2 y anteriores permite a un kernel OS HVM invitado causar una denegación de servicio (caída del host) y posiblemente leer hipervisor o memoria mediante vectores relacionados con una falta de c... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-3515 – qemu: VT100 emulation vulnerability
https://notcve.org/view.php?id=CVE-2012-3515
23 Nov 2012 — Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." Qemu, tal como se utiliza en Xen v4.0, v4.1 y posiblemente otros productos, al emular ciertos dispositivos con una consola virtual, permite a los usuarios locales del SO invitado obtener privilegios a través de una secuencia VT100 de escape m... • http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •