~ubuntu-security/ubuntu-cve-tracker/master

Candidate: CVE-2012-6032
PublicDate: 2012-11-23
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6032
 http://xforce.iss.net/xforce/xfdb/78268
 http://www.securitytracker.com/id?1027482
 http://www.openwall.com/lists/oss-security/2012/09/05/8
 http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities
 http://secunia.com/advisories/50472
 http://osvdb.org/85199
 http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html
Description:
 Multiple integer overflows in the (1) tmh_copy_from_client and (2)
 tmh_copy_to_client functions in the Transcendent Memory (TMEM) in Xen 4.0,
 4.1, and 4.2 allow local guest OS users to cause a denial of service
 (memory corruption and host crash) via unspecified vectors. NOTE: this
 issue was originally published as part of CVE-2012-3497, which was too
 general; CVE-2012-3497 has been SPLIT into this ID and others.
Ubuntu-Description:
Notes:
 sarnold> Xen team strongly recommends against TMEM use
 mdeslaur> only 4.0 and higher
 mdeslaur> ONLY installations where "tmem" is specified on the hypervisor command
 mdeslaur> line are vulnerable.  Most Xen installations do not do so.
 mdeslaur> upstream says: "TMEM has been described by its maintainers as a
 mdeslaur> technology preview, and is therefore not supported by them for
 mdeslaur> use in production systems. Pending a full security audit of the
 mdeslaur> code, the Xen.org security team recommends that Xen users do not
 mdeslaur> enable TMEM."
 mdeslaur> We will not be fixing this in Ubuntu. Marking as "ignored"
Bugs:
Priority: low
Discovered-by:
Assigned-to:

Patches_xen-3.1:
Tags_xen-3.1: universe-binary
upstream_xen-3.1: needs-triage
hardy_xen-3.1: not-affected
lucid_xen-3.1: DNE
natty_xen-3.1: DNE
oneiric_xen-3.1: DNE
precise_xen-3.1: DNE
quantal_xen-3.1: DNE
devel_xen-3.1: DNE

Patches_xen-3.2:
Tags_xen-3.2: universe-binary
upstream_xen-3.2: needs-triage
hardy_xen-3.2: not-affected
lucid_xen-3.2: DNE
natty_xen-3.2: DNE
oneiric_xen-3.2: DNE
precise_xen-3.2: DNE
quantal_xen-3.2: DNE
devel_xen-3.2: DNE

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: needs-triage
hardy_xen-3.3: DNE
lucid_xen-3.3: not-affected
natty_xen-3.3: ignored (reached end-of-life)
oneiric_xen-3.3: DNE
precise_xen-3.3: DNE
quantal_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needs-triage
hardy_xen: DNE
lucid_xen: DNE
natty_xen: DNE
oneiric_xen: ignored
precise_xen: ignored
quantal_xen: ignored
devel_xen: ignored