CVE-2012-6030
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.
La función do_tmem_op en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 permiten a los usuarios del SO invitado provocar una denegación de servicio (caída del host) y posiblemente generar otros impactos no especificados mediante vectores no especificados relacionados con "broken locking checks" en un "error path." NOTA: este problema se publicó originalmente como parte del CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-11-23 CVE Reserved
- 2012-11-23 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/85199 | Vdb Entry | |
| http://secunia.com/advisories/55082 | Third Party Advisory | |
| http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2012/09/05/8 | Mailing List |
|
| http://www.securityfocus.com/bid/55410 | Vdb Entry | |
| http://www.securitytracker.com/id?1027482 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/78268 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html | 2017-08-29 | |
| http://secunia.com/advisories/50472 | 2017-08-29 | |
| http://security.gentoo.org/glsa/glsa-201309-24.xml | 2017-08-29 | |
| https://security.gentoo.org/glsa/201604-03 | 2017-08-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.0.0 Search vendor "Xen" for product "Xen" and version "4.0.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.1.0 Search vendor "Xen" for product "Xen" and version "4.1.0" | - |
Affected
| ||||||
| Xen Search vendor "Xen" | Xen Search vendor "Xen" for product "Xen" | 4.2.0 Search vendor "Xen" for product "Xen" and version "4.2.0" | - |
Affected
| ||||||