CVE-2012-3495

Published: 23 November 2012

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.

Notes

Author    Note
mdeslaur  This is XSA-13
          only affects 4.1

Priority

Medium

Status

Package: xen-3.1

Release   Status
upstream  Needs triage
hardy     Not vulnerable
lucid     Does not exist
natty     Does not exist
oneiric   Does not exist
precise   Does not exist
quantal   Does not exist
raring    Does not exist

Binaries built from this source package are in Universe and so are supported by the community.

Package: xen-3.2

Release   Status
upstream  Needs triage
hardy     Not vulnerable
lucid     Does not exist
natty     Does not exist
oneiric   Does not exist
precise   Does not exist
quantal   Does not exist
raring    Does not exist

Binaries built from this source package are in Universe and so are supported by the community.

Package: xen-3.3

Release   Status
upstream  Needs triage
hardy     Does not exist
lucid     Not vulnerable
natty     Not vulnerable
oneiric   Does not exist
precise   Does not exist
quantal   Does not exist
raring    Does not exist

Binaries built from this source package are in Universe and so are supported by the community.

Package: xen

Release   Status
upstream  Released (4.1.3-2)
hardy     Does not exist
lucid     Does not exist
natty     Does not exist
oneiric   Released (4.1.1-2ubuntu4.4)
precise   Released (4.1.2-2ubuntu2.4)
quantal   Not vulnerable (4.1.3-3ubuntu1)
raring    Not vulnerable

Binaries built from this source package are in Universe and so are supported by the community.