Vulnerability & Exploit Database

Displaying all 9 entries

Results for: CVE-2012-4537 Back to search

DSA-2582-1 xen -- several vulnerabilities Vulnerability

  • Severity: 7
  • Published: December 13, 2012

The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.

SUSE Linux Security Vulnerability: CVE-2012-4537 Vulnerability

  • Severity: 2
  • Published: November 21, 2012

Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."

Gentoo Linux: CVE-2012-4537: Xen: Multiple vulnerabilities Vulnerability

  • Severity: 2
  • Published: November 21, 2012

Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."

Cent OS: CVE-2012-4537: CESA-2012:1540 (kernel) Vulnerability

  • Severity: 2
  • Published: November 21, 2012

Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."

RHSA-2012:1540: kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: October 03, 2012

These packages contain the Linux kernel.Security fixes:Red Hat would like to thank Theodore Ts'o for reporting CVE-2012-4508; theXen project for reporting CVE-2012-5513, CVE-2012-4535, and CVE-2012-4537;and Hafid Lin for reporting CVE-2012-3552. Upstream acknowledges DmitryMonakhov as the original reporter of CVE-2012-4508. CVE-2012-2372...

ELSA-2013-1645 Important: Oracle Linux Kernel update Vulnerability

  • Severity: 10
  • Published: May 24, 2012

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.