CVE-2012-4544

The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
xenxen
𝑥
≤ 4.2.0
xenxen
4.1.0
xenxen
4.1.1
xenxen
4.1.2
xenxen
4.1.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xen
bullseye
4.14.6-1
fixed
bullseye (security)
4.14.5+94-ge49571868d-1
fixed
bookworm
4.17.3+10-g091466ba55-1~deb12u1
fixed
sid
4.17.3+36-g54dacb5c02-1
fixed
trixie
4.17.3+36-g54dacb5c02-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xen
saucy
Fixed 4.2.0-1ubuntu2
released
raring
Fixed 4.2.0-1ubuntu2
released
quantal
Fixed 4.1.3-3ubuntu1.1
released
precise
Fixed 4.1.2-2ubuntu2.3
released
oneiric
Fixed 4.1.1-2ubuntu4.3
released
lucid
dne
hardy
dne
xen-3.1
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
ignored
xen-3.2
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
ignored
xen-3.3
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
ignored
hardy
dne
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091832.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091844.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092050.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
http://osvdb.org/86619
http://rhn.redhat.com/errata/RHSA-2013-0241.html
http://secunia.com/advisories/51071
http://secunia.com/advisories/51324
http://secunia.com/advisories/51352
http://secunia.com/advisories/51413
http://www.debian.org/security/2013/dsa-2636
http://www.openwall.com/lists/oss-security/2012/10/26/3
http://www.securityfocus.com/bid/56289
http://www.securitytracker.com/id?1027699
https://exchange.xforce.ibmcloud.com/vulnerabilities/79617
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091832.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091844.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092050.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html
http://osvdb.org/86619
http://rhn.redhat.com/errata/RHSA-2013-0241.html
http://secunia.com/advisories/51071
http://secunia.com/advisories/51324
http://secunia.com/advisories/51352
http://secunia.com/advisories/51413
http://www.debian.org/security/2013/dsa-2636
http://www.openwall.com/lists/oss-security/2012/10/26/3
http://www.securityfocus.com/bid/56289
http://www.securitytracker.com/id?1027699
https://exchange.xforce.ibmcloud.com/vulnerabilities/79617