Denial of Service and Potential Privilege Escalation in Xen and Citrix XenServer
CVE-2012-3516

Currently unrated

Key Information:

Vendor: Citrix
Status: Xenserver; Xen
Vendor: CVE Published:; 23 November 2012

Summary

A flaw in the GNTTABOP_swap_grant_ref operation within the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 could allow local guest kernels or system administrators to induce a denial of service by executing a crafted grant reference, potentially leading to host crashes. This vulnerability has implications for security as it may also enable privilege escalation by allowing unauthorized write access to arbitrary hypervisor memory locations.

References

http://www.securityfocus.com/bid/55411

vdb-entryx_refsource_BID

http://secunia.com/advisories/50530

third-party-advisoryx_refsource_SECUNIA

http://www.openwall.com/lists/oss-security/2012/09/05/11

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Nov 23, 2012
Vulnerability Reserved
Jun 14, 2012