CVE-2012-5514

Common Vulnerabilities and Exposures

Upstream information

CVE-2012-5514 at MITRE

Description

The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.

NVD CVSS v2 Base Score: 4.7 (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 789948, 789988

SUSE Security Advisories:

SUSE-SU-2012:1615-1, published Thu, 6 Dec 2012 17:08:57 +0100 (CET)
openSUSE-SU-2012:1685-1, published Sun, 23 Dec 2012 20:08:36 +0100 (CET)
openSUSE-SU-2012:1687-1, published Sun, 23 Dec 2012 20:16:24 +0100 (CET)
openSUSE-SU-2013:0133-1, published Wed, 23 Jan 2013 14:05:00 +0100 (CET)
openSUSE-SU-2013:0636-1, published Mon, 8 Apr 2013 12:04:30 +0200 (CEST)
openSUSE-SU-2013:0637-1, published Mon, 8 Apr 2013 12:07:10 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SLE 11 SP2 DEBUGINFO	`xen-debuginfo >= 4.1.4_02-0.5.1` `xen-debugsource >= 4.1.4_02-0.5.1`	Builds SAT Patch Nr: 7492
SUSE Linux Enterprise Software Development Kit 11 SP2	`xen-devel >= 4.1.4_02-0.5.1`	Builds SAT Patch Nr: 7492
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen-kmp-default >= 4.1.4_02_3.0.58_0.6.6-0.5.1` `xen-kmp-pae >= 4.1.4_02_3.0.58_0.6.6-0.5.1` `xen-kmp-trace >= 4.1.4_02_3.0.58_0.6.6-0.5.1` `xen-libs >= 4.1.4_02-0.5.1` `xen-tools-domU >= 4.1.4_02-0.5.1`	Builds SAT Patch Nr: 7492
SUSE Linux Enterprise Server 11 SP2 for VMware	`xen-kmp-trace >= 4.1.4_02_3.0.58_0.6.6-0.5.1`	Builds SAT Patch Nr: 7492
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen >= 4.1.4_02-0.5.1` `xen-doc-html >= 4.1.4_02-0.5.1` `xen-doc-pdf >= 4.1.4_02-0.5.1` `xen-kmp-default >= 4.1.4_02_3.0.58_0.6.6-0.5.1` `xen-kmp-trace >= 4.1.4_02_3.0.58_0.6.6-0.5.1` `xen-libs >= 4.1.4_02-0.5.1` `xen-libs-32bit >= 4.1.4_02-0.5.1` `xen-tools >= 4.1.4_02-0.5.1` `xen-tools-domU >= 4.1.4_02-0.5.1`	Builds SAT Patch Nr: 7492
SLE 11 SP2 DEBUGINFO	`xen-debuginfo >= 4.1.3_06-0.7.1` `xen-debugsource >= 4.1.3_06-0.7.1`	sles11-sp2.x86-64 sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7133
SUSE Linux Enterprise Software Development Kit 11 SP2	`xen-devel >= 4.1.3_06-0.7.1`	sles11-sp2.x86-64 sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7133
SUSE Linux Enterprise Server 11 SP2 for VMware	`xen-kmp-trace >= 4.1.3_06_3.0.51_0.7.9-0.7.1`	sles11-sp2.x86-64 sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7133
SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Server 11 SP2	`xen >= 4.1.3_06-0.7.1` `xen-doc-html >= 4.1.3_06-0.7.1` `xen-doc-pdf >= 4.1.3_06-0.7.1` `xen-kmp-default >= 4.1.3_06_3.0.51_0.7.9-0.7.1` `xen-kmp-trace >= 4.1.3_06_3.0.51_0.7.9-0.7.1` `xen-libs >= 4.1.3_06-0.7.1` `xen-libs-32bit >= 4.1.3_06-0.7.1` `xen-tools >= 4.1.3_06-0.7.1` `xen-tools-domU >= 4.1.3_06-0.7.1`	sles11-sp2.x86-64 sle11-sp2-sdk.x86-64 sles11-sp2-vmware.x86-64 sled11-sp2.x86-64 SAT Patch Nr: 7133

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy