CVE-2012-5510

Publication date 13 December 2012

Last updated 24 July 2024

Ubuntu priority

Description

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
xen	12.10 quantal	Fixed 4.1.3-3ubuntu1.1
	12.04 LTS precise	Fixed 4.1.2-2ubuntu2.3
	11.10 oneiric	Fixed 4.1.1-2ubuntu4.3
	10.04 LTS lucid	Not in release
	8.04 LTS hardy	Not in release
xen-3.3	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	11.10 oneiric	Not in release
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not in release

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

xen 4 only

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.openwall.com/lists/oss-security/2012/12/03/6
http://lists.xen.org/archives/html/xen-devel/2012-12/msg00077.html
https://www.cve.org/CVERecord?id=CVE-2012-5510