SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Citrix XenServer Vendors:   Citrix
(Citrix Issues Fix for XenServer) Xen Grant Table Hypercall Infinite Loop Lets Local Guest Administrative Users Deny Service
SecurityTracker Alert ID:  1027768
SecurityTracker URL:  http://securitytracker.com/id/1027768
CVE Reference:   CVE-2012-4539   (Links to External Site)
Date:  Nov 14 2012
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): XenServer 5.0 Update 3, 5.5, 5.6, 5.6 Common Criteria, 5.6 FP 1, 5.6 SP 2, 6.0, 6.0.2, 6.0.2 Common Criteria, 6.1.0
Description:   A vulnerability was reported in Xen. A local administrative user on the guest operating system can cause denial of service conditions on the target host operating system. Citrix XenServer is affected.

A local user with administrative privileges on the guest operating system can cause infinite loop in the compat hypercall handler.

On systems with the Xen watchdog enabled, the target system will crash.

Only systems with 32-bit x86 PV guests running on 64-bit Xen hypervisors are affected.

Impact:   A local administrative user on the guest operating system can cause Xen to enter an infinite loop.
Solution:   Citrix has issued a fix for Citrix XenServer.

The Citrix advisory is available at:

http://support.citrix.com/article/CTX135458

Cause:   State error

Message History:   This archive entry is a follow-up to the message listed below.
Nov 14 2012 Xen Grant Table Hypercall Infinite Loop Lets Local Guest Administrative Users Deny Service



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC