QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3497

Published: Nov 23, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

(1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_BID

SUSE-SU-2012:1486

vendor-advisory

x_refsource_SUSE

[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

mailing-list

x_refsource_MLIST

xen-tmem-priv-esc(78268)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_OSVDB

[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

mailing-list

x_refsource_MLIST

openSUSE-SU-2012:1572

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

SUSE-SU-2012:1487

vendor-advisory

x_refsource_SUSE

SUSE-SU-2014:0446

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2012:1573

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2012-3497 - Security Vulnerability | QwikSec