CVE-2012-3495

Loading...

General

Score:6.1/10.0
Severity:Medium
Category:Input Validation Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2012-3432, CVE-2012-3433, CVE-2012-3494, CVE-2012-3496, CVE-2012-3497, CVE-2012-3498, CVE-2012-3515, CVE-2012-3516, CVE-2012-4606

Published on 23/11/12 - Updated on 01/07/17

Description

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2012-3495
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2012-AVI-485, CERTA-2012-AVI-544
Renater 2012/VULN345, 2012/VULN349, 2012/VULN393
SUSE SUSE-SU-2012:1132, SUSE-SU-2012:1133

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
citrixxenserver
xenxen

Share this vulnerability with:

Twitter Facebook LinkedIn Mail