Denial of Service and Potential Privilege Escalation in Xen and Citrix XenServer
CVE-2012-3516

Currently unrated

Key Information:

Vendor

Citrix
Status
Xenserver
Xen
Vendor
CVE Published:
23 November 2012

What is CVE-2012-3516?

A flaw in the GNTTABOP_swap_grant_ref operation within the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 could allow local guest kernels or system administrators to induce a denial of service by executing a crafted grant reference, potentially leading to host crashes. This vulnerability has implications for security as it may also enable privilege escalation by allowing unauthorized write access to arbitrary hypervisor memory locations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/55411
vdb-entryx_refsource_BID
http://secunia.com/advisories/50530
third-party-advisoryx_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2012/09/05/11
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.