Vulnerability-Lookup

CVE-2012-4539 (GCVE-0-2012-4539)

Vulnerability from cvelistv5 – Published: 2012-11-21 23:00 – Updated: 2024-08-06 20:42

Summary

Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.openwall.com/lists/oss-security/2012/11/13/4	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/55082	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/87305	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/51413	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/51200	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201309-24.xml	vendor-advisoryx_refsource_GENTOO
	http://www.debian.org/security/2012/dsa-2582	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id?1027763	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/51468	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.xen.org/archives/html/xen-announce/2…	mailing-listx_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/51352	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/51324	third-party-advisoryx_refsource_SECUNIA
	https://security.gentoo.org/glsa/201604-03	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/56498	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:54.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
          },
          {
            "name": "55082",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55082"
          },
          {
            "name": "87305",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/87305"
          },
          {
            "name": "51413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51413"
          },
          {
            "name": "51200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51200"
          },
          {
            "name": "GLSA-201309-24",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
          },
          {
            "name": "DSA-2582",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2582"
          },
          {
            "name": "1027763",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027763"
          },
          {
            "name": "SUSE-SU-2012:1486",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
          },
          {
            "name": "openSUSE-SU-2012:1685",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
          },
          {
            "name": "xen-gnttabopgetstatus-dos(80026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
          },
          {
            "name": "openSUSE-SU-2012:1572",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
          },
          {
            "name": "51468",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51468"
          },
          {
            "name": "SUSE-SU-2012:1487",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
          },
          {
            "name": "[Xen-announce] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
          },
          {
            "name": "SUSE-SU-2014:0446",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
          },
          {
            "name": "51352",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51352"
          },
          {
            "name": "51324",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51324"
          },
          {
            "name": "GLSA-201604-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201604-03"
          },
          {
            "name": "56498",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/56498"
          },
          {
            "name": "SUSE-SU-2012:1615",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
          },
          {
            "name": "openSUSE-SU-2012:1573",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-11-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
        },
        {
          "name": "55082",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55082"
        },
        {
          "name": "87305",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/87305"
        },
        {
          "name": "51413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51413"
        },
        {
          "name": "51200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51200"
        },
        {
          "name": "GLSA-201309-24",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
        },
        {
          "name": "DSA-2582",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2582"
        },
        {
          "name": "1027763",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027763"
        },
        {
          "name": "SUSE-SU-2012:1486",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
        },
        {
          "name": "openSUSE-SU-2012:1685",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
        },
        {
          "name": "xen-gnttabopgetstatus-dos(80026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
        },
        {
          "name": "openSUSE-SU-2012:1572",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
        },
        {
          "name": "51468",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51468"
        },
        {
          "name": "SUSE-SU-2012:1487",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
        },
        {
          "name": "[Xen-announce] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
        },
        {
          "name": "SUSE-SU-2014:0446",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
        },
        {
          "name": "51352",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51352"
        },
        {
          "name": "51324",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51324"
        },
        {
          "name": "GLSA-201604-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201604-03"
        },
        {
          "name": "56498",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/56498"
        },
        {
          "name": "SUSE-SU-2012:1615",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
        },
        {
          "name": "openSUSE-SU-2012:1573",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-4539",
    "datePublished": "2012-11-21T23:00:00.000Z",
    "dateReserved": "2012-08-21T00:00:00.000Z",
    "dateUpdated": "2024-08-06T20:42:54.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2012-AVI-651

Vulnerability from certfr_avis - Published: 2012-11-14 - Updated: 2012-11-14

De multiples vulnérabilités ont été corrigées dans Citrix XenServer. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service au moyen de programmes spécialement conçus.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Citrix	XenServer	Citrix XenServer version 5.0
Citrix	XenServer	Citrix XenServer version 5.6
Citrix	XenServer	Citrix XenServer version 6.1
Citrix	XenServer	Citrix XenServer version 5.5
Citrix	XenServer	Citrix XenServer version 6.0

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix XenServer CTX135458 du 13 novembre 2012	None	vendor-advisory
Bulletin de sécurité Citrix XenServer CTX135458 du 13 novembre 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix XenServer version 5.0",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix XenServer version 5.6",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix XenServer version 6.1",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix XenServer version 5.5",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix XenServer version 6.0",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-4539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4539"
    },
    {
      "name": "CVE-2012-4538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4538"
    },
    {
      "name": "CVE-2012-4536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4536"
    },
    {
      "name": "CVE-2012-4557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4557"
    },
    {
      "name": "CVE-2012-4535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4535"
    },
    {
      "name": "CVE-2012-4537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4537"
    }
  ],
  "initial_release_date": "2012-11-14T00:00:00",
  "last_revision_date": "2012-11-14T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix XenServer CTX135458 du 13    novembre 2012 :",
      "url": "http://support.citrix.com/article/CTX135458"
    }
  ],
  "reference": "CERTA-2012-AVI-651",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-11-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCitrix XenServer\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service au moyen de\nprogrammes sp\u00e9cialement con\u00e7us.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Citrix XenServer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix XenServer CTX135458 du 13 novembre 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-650

Vulnerability from certfr_avis - Published: 2012-11-14 - Updated: 2012-11-14

De multiples vulnérabilités ont été corrigées dans Xen. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service au moyen de programmes spécialement conçus.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	XEN	Xen	Xen versions antérieures à la 4.1

References

Title

Publication Time

Tags

Bulletin de sécurité Xen du 13 novembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Xen versions ant\u00e9rieures \u00e0 la 4.1",
      "product": {
        "name": "Xen",
        "vendor": {
          "name": "XEN",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-4539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4539"
    },
    {
      "name": "CVE-2012-4538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4538"
    },
    {
      "name": "CVE-2012-4536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4536"
    },
    {
      "name": "CVE-2012-4535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4535"
    },
    {
      "name": "CVE-2012-4537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4537"
    }
  ],
  "initial_release_date": "2012-11-14T00:00:00",
  "last_revision_date": "2012-11-14T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-650",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-11-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eXen\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service au moyen de programmes\nsp\u00e9cialement con\u00e7us.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Xen",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Xen du 13 novembre 2012",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00005.html"
    }
  ]
}

FKIE_CVE-2012-4539

Vulnerability from fkie_nvd - Published: 2012-11-21 23:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
secalert@redhat.com	http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/51200
secalert@redhat.com	http://secunia.com/advisories/51324
secalert@redhat.com	http://secunia.com/advisories/51352
secalert@redhat.com	http://secunia.com/advisories/51413
secalert@redhat.com	http://secunia.com/advisories/51468
secalert@redhat.com	http://secunia.com/advisories/55082
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-201309-24.xml
secalert@redhat.com	http://www.debian.org/security/2012/dsa-2582
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/11/13/4
secalert@redhat.com	http://www.osvdb.org/87305
secalert@redhat.com	http://www.securityfocus.com/bid/56498
secalert@redhat.com	http://www.securitytracker.com/id?1027763
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/80026
secalert@redhat.com	https://security.gentoo.org/glsa/201604-03
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51200
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51324
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51352
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51413
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51468
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55082
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201309-24.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2582
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/11/13/4
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/87305
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/56498
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027763
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/80026
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201604-03

Impacted products

Vendor	Product	Version
xen	xen	4.0.0
xen	xen	4.0.1
xen	xen	4.0.2
xen	xen	4.0.3
xen	xen	4.0.4
xen	xen	4.1.0
xen	xen	4.1.1
xen	xen	4.1.2
xen	xen	4.1.3
xen	xen	4.2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Xen 4.0 hasta 4.2, al ejecutar clientes 32-bit x86 PV en hipervisores 64-bit, permite a los administradores locales del sistema operativo cliente causar una denegaci\u00f3n de servicio (bucle infinito y cuelgue o ca\u00edda) a trav\u00e9s de argumentos no v\u00e1lidos a GNTTABOP_get_status_frames, alias \"Grant table hypercall infinite loop DoS vulnerability\"."
    }
  ],
  "id": "CVE-2012-4539",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-11-21T23:55:02.290",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51200"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51324"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51352"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51413"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51468"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2582"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/87305"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/56498"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1027763"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201604-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/87305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/56498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201604-03"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2012-4539

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-4539

Aliases

CVE-2012-4539

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-4539",
    "description": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\"",
    "id": "GSD-2012-4539",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-4539.html",
      "https://www.debian.org/security/2012/dsa-2582"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-4539"
      ],
      "details": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\"",
      "id": "GSD-2012-4539",
      "modified": "2023-12-13T01:20:15.616272Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-4539",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/55082",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/55082"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
          },
          {
            "name": "http://secunia.com/advisories/51413",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/51413"
          },
          {
            "name": "https://security.gentoo.org/glsa/201604-03",
            "refsource": "MISC",
            "url": "https://security.gentoo.org/glsa/201604-03"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
          },
          {
            "name": "http://secunia.com/advisories/51200",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/51200"
          },
          {
            "name": "http://secunia.com/advisories/51324",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/51324"
          },
          {
            "name": "http://secunia.com/advisories/51352",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/51352"
          },
          {
            "name": "http://secunia.com/advisories/51468",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/51468"
          },
          {
            "name": "http://www.debian.org/security/2012/dsa-2582",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2012/dsa-2582"
          },
          {
            "name": "http://www.securityfocus.com/bid/56498",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/56498"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
          },
          {
            "name": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html",
            "refsource": "MISC",
            "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2012/11/13/4",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
          },
          {
            "name": "http://www.osvdb.org/87305",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/87305"
          },
          {
            "name": "http://www.securitytracker.com/id?1027763",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1027763"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-4539"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "87305",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/87305"
            },
            {
              "name": "[Xen-announce] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
              "refsource": "MLIST",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
            },
            {
              "name": "[oss-security] 20121113 Xen Security Advisory 24 (CVE-2012-4539) - Grant table hypercall infinite loop DoS vulnerability",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
            },
            {
              "name": "1027763",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027763"
            },
            {
              "name": "DSA-2582",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2012/dsa-2582"
            },
            {
              "name": "SUSE-SU-2012:1615",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
            },
            {
              "name": "51468",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/51468"
            },
            {
              "name": "SUSE-SU-2012:1487",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
            },
            {
              "name": "openSUSE-SU-2012:1572",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
            },
            {
              "name": "SUSE-SU-2012:1486",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
            },
            {
              "name": "openSUSE-SU-2012:1685",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
            },
            {
              "name": "56498",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/56498"
            },
            {
              "name": "51200",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/51200"
            },
            {
              "name": "51352",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/51352"
            },
            {
              "name": "51413",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/51413"
            },
            {
              "name": "51324",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/51324"
            },
            {
              "name": "55082",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/55082"
            },
            {
              "name": "GLSA-201309-24",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
            },
            {
              "name": "SUSE-SU-2014:0446",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
            },
            {
              "name": "openSUSE-SU-2012:1573",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
            },
            {
              "name": "GLSA-201604-03",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201604-03"
            },
            {
              "name": "xen-gnttabopgetstatus-dos(80026)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:32Z",
      "publishedDate": "2012-11-21T23:55Z"
    }
  }
}

GHSA-FH46-GPFM-WFXC

Vulnerability from github – Published: 2022-05-17 01:41 – Updated: 2022-05-17 01:41

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-4539"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-11-21T23:55:00Z",
    "severity": "LOW"
  },
  "details": "Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka \"Grant table hypercall infinite loop DoS vulnerability.\"",
  "id": "GHSA-fh46-gpfm-wfxc",
  "modified": "2022-05-17T01:41:58Z",
  "published": "2022-05-17T01:41:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4539"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80026"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201604-03"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.xen.org/archives/html/xen-announce/2012-11/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51200"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51324"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51352"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51413"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51468"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/55082"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2012/dsa-2582"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/11/13/4"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/87305"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/56498"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027763"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-4539 (GCVE-0-2012-4539)

CERTA-2012-AVI-651

Solution

CERTA-2012-AVI-650

Solution

FKIE_CVE-2012-4539

GSD-2012-4539

GHSA-FH46-GPFM-WFXC

Tags

Sightings

Nomenclature