CVE-2012-3432
Xen 3.3 and 4.x - Denial of Service via MMIO Operations Emulator
Title source: llmDescription
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.
References (9)
Core 9
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2012/dsa-2531
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55082
Exploit, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201309-24.xml
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/54691
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html
Scores
EPSS
0.0142
EPSS Percentile
80.8%
Details
CWE
CWE-264
Status
published
Products (11)
xen/xen
3.3.0
xen/xen
4.0.0
xen/xen
4.0.1
xen/xen
4.0.2
xen/xen
4.0.3
xen/xen
4.0.4
xen/xen
4.1.0
xen/xen
4.1.1
xen/xen
4.1.2
xen/xen
4.1.3
... and 1 more
Published
Dec 03, 2012
Tracked Since
Feb 18, 2026