CVE-2012-6030 - OpenCVE

The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Xen	Xen

Configuration 1 [-]

OR	cpe:2.3:o:xen:xen:4.0.0:::::::*
	cpe:2.3:o:xen:xen:4.1.0:::::::*
	cpe:2.3:o:xen:xen:4.2.0:::::::*

References

Link	Resource
http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html	Vendor Advisory
http://osvdb.org/85199
http://secunia.com/advisories/50472	Vendor Advisory
http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities
http://www.openwall.com/lists/oss-security/2012/09/05/8
http://www.securityfocus.com/bid/55410
http://www.securitytracker.com/id?1027482
https://exchange.xforce.ibmcloud.com/vulnerabilities/78268
https://security.gentoo.org/glsa/201604-03

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2012-11-23T20:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-11-23T00:00:00

Link: CVE-2012-6030

JSON object: View

NVD Information

Status : Modified

Published: 2012-11-23T20:55:04.070

Modified: 2017-08-29T01:32:53.167

Link: CVE-2012-6030

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-05T00:00:00", "descriptions": [{"lang": "en", "value": "The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to \"broken locking checks\" in an \"error path.\" NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "55082", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/55082"}, {"name": "1027482", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027482"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities"}, {"name": "GLSA-201309-24", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"}, {"name": "55410", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55410"}, {"name": "[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/09/05/8"}, {"name": "xen-tmem-priv-esc(78268)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268"}, {"name": "85199", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/85199"}, {"name": "[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html"}, {"name": "50472", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50472"}, {"name": "GLSA-201604-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201604-03"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6030", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to \"broken locking checks\" in an \"error path.\" NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "55082", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/55082"}, {"name": "1027482", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027482"}, {"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities", "refsource": "CONFIRM", "url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities"}, {"name": "GLSA-201309-24", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"}, {"name": "55410", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55410"}, {"name": "[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/09/05/8"}, {"name": "xen-tmem-priv-esc(78268)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268"}, {"name": "85199", "refsource": "OSVDB", "url": "http://osvdb.org/85199"}, {"name": "[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", "refsource": "MLIST", "url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html"}, {"name": "50472", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50472"}, {"name": "GLSA-201604-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201604-03"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-6030", "datePublished": "2012-11-23T20:00:00", "dateReserved": "2012-11-23T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301", "vulnerable": true}, {"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754", "vulnerable": true}, {"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to \"broken locking checks\" in an \"error path.\" NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others."}, {"lang": "es", "value": "La funci\u00f3n do_tmem_op en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 permiten a los usuarios del SO invitado provocar una denegaci\u00f3n de servicio (ca\u00edda del host) y posiblemente generar otros impactos no especificados mediante vectores no especificados relacionados con \"broken locking checks\" en un \"error path.\" NOTA: este problema se public\u00f3 originalmente como parte del CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros."}], "id": "CVE-2012-6030", "lastModified": "2017-08-29T01:32:53.167", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-23T20:55:04.070", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/85199"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/50472"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/55082"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"}, {"source": "cve@mitre.org", "url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2012/09/05/8"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/55410"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1027482"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201604-03"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}