CVE-2012-3432
Published: 3 December 2012
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.
Notes
Author | Note |
---|---|
tyhicks | xen-3.3 and later are vulnerable |
mdeslaur | This is XSA-10 |
Priority
Status
Package | Release | Status |
---|---|---|
xen Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Released
(4.1.1-2ubuntu4.4)
|
|
precise |
Released
(4.1.2-2ubuntu2.4)
|
|
quantal |
Not vulnerable
(4.1.3-3ubuntu1)
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Released
(4.1.3-1)
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.1 Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
lucid |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Not vulnerable
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.2 Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
lucid |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Not vulnerable
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.3 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needs triage
|
|
Binaries built from this source package are in Universe and so are supported by the community. |