Novell Home

CVE-2012-3516

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-3516 at MITRE

Description

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 777085

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 10 SP2 for x86
  • xen >= 3.2.0_16718_26-0.10.1
  • xen-devel >= 3.2.0_16718_26-0.10.1
  • xen-doc-html >= 3.2.0_16718_26-0.10.1
  • xen-doc-pdf >= 3.2.0_16718_26-0.10.1
  • xen-doc-ps >= 3.2.0_16718_26-0.10.1
  • xen-kmp-bigsmp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-libs >= 3.2.0_16718_26-0.10.1
  • xen-tools >= 3.2.0_16718_26-0.10.1
  • xen-tools-domU >= 3.2.0_16718_26-0.10.1
  • xen-tools-ioemu >= 3.2.0_16718_26-0.10.1
sles10-sp2-debuginfo.x86
sles10-sp2-ltss.x86
sles10-sp2-debuginfo.x86-64
sles10-sp2-ltss.x86-64
ZYPP Patch Nr: 8260
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
  • xen >= 3.2.0_16718_26-0.10.1
  • xen-devel >= 3.2.0_16718_26-0.10.1
  • xen-doc-html >= 3.2.0_16718_26-0.10.1
  • xen-doc-pdf >= 3.2.0_16718_26-0.10.1
  • xen-doc-ps >= 3.2.0_16718_26-0.10.1
  • xen-kmp-debug >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-default >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-kdump >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-kmp-smp >= 3.2.0_16718_26_2.6.16.60_0.42.54.11-0.10.1
  • xen-libs >= 3.2.0_16718_26-0.10.1
  • xen-libs-32bit >= 3.2.0_16718_26-0.10.1
  • xen-tools >= 3.2.0_16718_26-0.10.1
  • xen-tools-domU >= 3.2.0_16718_26-0.10.1
  • xen-tools-ioemu >= 3.2.0_16718_26-0.10.1
sles10-sp2-debuginfo.x86
sles10-sp2-ltss.x86
sles10-sp2-debuginfo.x86-64
sles10-sp2-ltss.x86-64
ZYPP Patch Nr: 8260

© 2014 Novell