CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6030
https://notcve.org/view.php?id=CVE-2012-6030
The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_op en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 permiten a los usuarios del SO invitado provocar una denegación de servicio (caída del host) y posiblemente generar otros impactos no especificados mediante vectores no especificados relacionados con "broken locking checks" en un "error path." NOTA: este problema se publicó originalmente como parte del CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2012-3516
https://notcve.org/view.php?id=CVE-2012-3516
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location. La sub-operación GNTTABOP_swap_grant_ref en el "grant table hypercall" en Xen v4.2 y Citrix XenServer v6.0.2 permite a los kernels locales de invitado o administradores causar una denegación de servicio (caída del host) y, posiblemente, obtener privilegios a través de una referencia manipulada que genera una escritura en una ubicación en memoria del hipervisor • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html http://secunia.com/advisories/50472 http://secunia.com/advisories/50530 http://support.citrix.com/article/CTX134708 http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking http://www.openwall.com/lists/oss-security/2012/09/05/11 http://www.securityfocus.com/bid/55411 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6034
https://notcve.org/view.php?id=CVE-2012-6034
The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función (1) tmemc_save_get_next_page y (2) tmemc_save_get_next_inv y la sub-operación (3) TMEMC_SAVE_GET_POOL_UUID sub-operación en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no chequea los punteros entrantes del búfer de salida de invitado, lo que permite a usuarios del SO de invitado provocar una denegación de servicio (corrupción de memoria y caída del host) o posiblemente ejecutar código arbitrario a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6036
https://notcve.org/view.php?id=CVE-2012-6036
The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. Las funciones (1) memc_save_get_next_page, (2) tmemc_restore_put_page y (3) tmemc_restore_flush_page en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no comprueba los pools de id negativos, lo que permite a usuarios del SO de invitado provocar una denegación de servicio (corrupción de memoria y caída del host) o posiblemente ejecutar código arbitrario a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-6033
https://notcve.org/view.php?id=CVE-2012-6033
The do_tmem_control function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 does not properly check privileges, which allows local guest OS users to access control stack operations via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. La función do_tmem_control en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no comprueba correctamente los privilegios, lo que permite a los usuarios del SO de invitado acceder a las operaciones de la pila mediante vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-264: Permissions, Privileges, and Access Controls •