Denial of Service Vulnerability in Xen and Citrix XenServer Products
CVE-2012-3496
Currently unrated
Summary
Local paravirtualized (PV) operating system guest kernels can exploit the XENMEM_populate_physmap function in specific versions of Xen and Citrix XenServer. When the expected paging mode is not in use, the function accepts invalid flags, such as MEMF_populate_on_demand, from the guest. These invalid flags crash the host, producing a denial of service that affects the availability and stability of the host system.