CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6031
https://notcve.org/view.php?id=CVE-2012-6031
The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_get en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 permiten a los usuarios del SO invitado provocar una denegación de servicio (caída del host) a través de vectores relacionados con un "spinlock" siendo mantenido en el "bad_copy error path." NOTA: este problema se publicó originalmente como parte del CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6032
https://notcve.org/view.php?id=CVE-2012-6032
Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh_copy_to_client functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (memory corruption and host crash) via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. Múltiples desbordamientos de enteros en las funciones (1) tmh_copy_from_client y (2) tmh_copy_to_client en Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 permiten a los usuarios del SO invitado provocar una denegación de servicio (corrupción de memoria y caída del host) a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte del CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-189: Numeric Errors •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6033
https://notcve.org/view.php?id=CVE-2012-6033
The do_tmem_control function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly check privileges, which allows local guest OS users to access control stack operations via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_control en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no comprueba correctamente los privilegios, lo que permite a los usuarios del SO de invitado acceder a las operaciones de la pila mediante vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6034
https://notcve.org/view.php?id=CVE-2012-6034
The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función (1) tmemc_save_get_next_page y (2) tmemc_save_get_next_inv y la sub-operación (3) TMEMC_SAVE_GET_POOL_UUID sub-operación en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no chequea los punteros entrantes del búfer de salida de invitado, lo que permite a usuarios del SO de invitado provocar una denegación de servicio (corrupción de memoria y caída del host) o posiblemente ejecutar código arbitrario a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6035
https://notcve.org/view.php?id=CVE-2012-6035
The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly validate pool ids, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_destroy_pool en la Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no valida correctamente los pools de ids, lo que permite a usuarios del SO de invitado provocar una denegación de servicio (corrupción de memoria y caída del host) o posiblemente ejecutar código arbitrario a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-20: Improper Input Validation •