// For flags

CVE-2012-3496

Gentoo Linux Security Advisory 201309-24

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.

XENMEM_populate_physmap en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando el modo de traducción de página no se utiliza, permite a los kernels locales PV del SO invitado causar una denegación de servicio (caída del host) a través flags inválidos como MEMF_populate_on_demand.

Multiple vulnerabilities have been found in Xen, allowing attackers on a Xen Virtual Machine to execute arbitrary code, cause Denial of Service, or gain access to data on the host. Versions less than 4.2.2-r1 are affected.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-06-14 CVE Reserved
  • 2012-11-23 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-16: Configuration
CAPEC
References (23)
URL Tag Source
http://secunia.com/advisories/51413 Third Party Advisory
http://secunia.com/advisories/55082 Third Party Advisory
http://securitytracker.com/id?1027481 Vdb Entry
http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability X_refsource_confirm
http://www.openwall.com/lists/oss-security/2012/09/05/7 Mailing List
http://www.osvdb.org/85200 Vdb Entry
http://www.securityfocus.com/bid/55412 Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=854590 X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/78267 Vdb Entry
URL Date SRC
URL Date SRC
http://support.citrix.com/article/CTX134708 2017-08-29
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html 2017-08-29
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html 2017-08-29
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html 2017-08-29
http://secunia.com/advisories/50472 2017-08-29
http://secunia.com/advisories/50530 2017-08-29
http://security.gentoo.org/glsa/glsa-201309-24.xml 2017-08-29
http://www.debian.org/security/2012/dsa-2544 2017-08-29
https://security.gentoo.org/glsa/201604-03 2017-08-29
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Citrix
Search vendor "Citrix"
 Xenserver
Search vendor "Citrix" for product "Xenserver"
 <= 6.0.2
Search vendor "Citrix" for product "Xenserver" and version " <= 6.0.2"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.0.0
Search vendor "Xen" for product "Xen" and version "4.0.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.1.0
Search vendor "Xen" for product "Xen" and version "4.1.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.2.0
Search vendor "Xen" for product "Xen" and version "4.2.0"
-
Affected