QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3516

Published: Nov 23, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20120905 Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

http://support.citrix.com/article/CTX134708

x_refsource_CONFIRM

http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking

x_refsource_CONFIRM

SUSE-SU-2012:1133

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.