CVE-2012-6031 : The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause

The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.

Published 2012-11-23 20:55:04

Updated 2017-08-29 01:32:53

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2012-6031

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 25 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-6031

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.7	MEDIUM	AV:L/AC:M/Au:N/C:N/I:N/A:C	3.4	6.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2012-6031

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-6031

http://security.gentoo.org/glsa/glsa-201309-24.xml

Xen: Multiple vulnerabilities (GLSA 201309-24) — Gentoo security

CVEs referencing this url
http://www.securityfocus.com/bid/55410

Xen 'TMEM hypercall' Multiple Security Vulnerabilities

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/78268

Xen TMEM privilege escalation CVE-2012-6036 Vulnerability Report

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2012/09/05/8

oss-security - Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities

CVEs referencing this url
http://www.securitytracker.com/id?1027482

Xen Transcendent Memory (TMEM) Multiple Flaws Lets Local Users on the Guest Operating System Gain Elevated Privileges on the Host - SecurityTracker

CVEs referencing this url
https://security.gentoo.org/glsa/201604-03

Xen: Multiple vulnerabilities (GLSA 201604-03) — Gentoo security

CVEs referencing this url
http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities

Security Announcements (Historical) - Xen

CVEs referencing this url
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html

Xen project Mailing List

CVEs referencing this url

Products affected by CVE-2012-6031

XEN » XEN » Version: 4.0.0
cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.0
cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.2.0
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-6031

Exploit prediction scoring system (EPSS) score for CVE-2012-6031

CVSS scores for CVE-2012-6031

CWE ids for CVE-2012-6031

References for CVE-2012-6031

Products affected by CVE-2012-6031