CVE-2012-3495

Common Vulnerabilities and Exposures

Upstream information

CVE-2012-3495 at MITRE

Description

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.

NVD CVSS v2 Base Score: 6.1 (AV:L/AC:L/Au:N/C:P/I:P/A:C)

Novell/SUSE information

Novell Bugzilla entry: 777088

SUSE Security Advisories:

SUSE-SU-2012:1132-1, published Fri, 7 Sep 2012 15:08:36 +0200 (CEST)
SUSE-SU-2012:1133-1, published Fri, 7 Sep 2012 16:08:25 +0200 (CEST)
openSUSE-SU-2012:1172-1, published Fri, 14 Sep 2012 14:09:32 +0200 (CEST)
openSUSE-SU-2012:1176-1, published Fri, 14 Sep 2012 14:14:04 +0200 (CEST)
openSUSE-SU-2012:1572-1, published Mon, 26 Nov 2012 15:08:36 +0100 (CET)
openSUSE-SU-2012:1573-1, published Mon, 26 Nov 2012 15:13:15 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86	`xen-debuginfo >= 3.2.0_16718_26-0.10.1`	sles10-sp2-debuginfo.x86 sles10-sp2-ltss.x86 sles10-sp2-debuginfo.x86-64 sles10-sp2-ltss.x86-64 ZYPP Patch Nr: 8260
SUSE Linux Enterprise Server 10 SP2 for x86	`xen >= 3.2.0_16718_26-0.10.1` `xen-devel >= 3.2.0_16718_26-0.10.1` `xen-doc-html >= 3.2.0_16718_26-0.10.1` `xen-doc-pdf >= 3.2.0_16718_26-0.10.1` `xen-doc-ps >= 3.2.0_16718_26-0.10.1` `xen-kmp-bigsmp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-libs >= 3.2.0_16718_26-0.10.1` `xen-tools >= 3.2.0_16718_26-0.10.1` `xen-tools-domU >= 3.2.0_16718_26-0.10.1` `xen-tools-ioemu >= 3.2.0_16718_26-0.10.1`	sles10-sp2-debuginfo.x86 sles10-sp2-ltss.x86 sles10-sp2-debuginfo.x86-64 sles10-sp2-ltss.x86-64 ZYPP Patch Nr: 8260
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T	`xen >= 3.2.0_16718_26-0.10.1` `xen-devel >= 3.2.0_16718_26-0.10.1` `xen-doc-html >= 3.2.0_16718_26-0.10.1` `xen-doc-pdf >= 3.2.0_16718_26-0.10.1` `xen-doc-ps >= 3.2.0_16718_26-0.10.1` `xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1` `xen-libs >= 3.2.0_16718_26-0.10.1` `xen-libs-32bit >= 3.2.0_16718_26-0.10.1` `xen-tools >= 3.2.0_16718_26-0.10.1` `xen-tools-domU >= 3.2.0_16718_26-0.10.1` `xen-tools-ioemu >= 3.2.0_16718_26-0.10.1`	sles10-sp2-debuginfo.x86 sles10-sp2-ltss.x86 sles10-sp2-debuginfo.x86-64 sles10-sp2-ltss.x86-64 ZYPP Patch Nr: 8260

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy