Create an account

Subscribe to LWN

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

xen: multiple vulnerabilities

Package(s):

Xen

CVE #(s):

CVE-2012-5510 CVE-2012-5511 CVE-2012-5512 CVE-2012-5514 CVE-2012-5515

Created:

December 6, 2012

Updated:

December 24, 2012

Description:

From the SUSE advisory:

CVE-2012-5510: Grant table version switch list corruption vulnerability (XSA-26)
CVE-2012-5511: Several HVM operations do not validate the range of their inputs (XSA-27)
CVE-2012-5512: HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak (XSA-28)
CVE-2012-5514: Missing unlock in guest_physmap_mark_populate_on_demand() (XSA-30)
CVE-2012-5515: Several memory hypercall operations allow invalid extent order values (XSA-31)

Alerts:

SUSE	SUSE-SU-2012:1615-1	2012-12-06
Debian	DSA-2582-1	2012-12-07
Fedora	FEDORA-2012-19828	2012-12-15
Fedora	FEDORA-2012-19717	2012-12-13
openSUSE	openSUSE-SU-2012:1685-1	2012-12-23
openSUSE	openSUSE-SU-2012:1687-1	2012-12-23
Red Hat	RHSA-2013:0168-01	2013-01-22
CentOS	CESA-2013:0168	2013-01-23
openSUSE	openSUSE-SU-2013:0133-1	2013-01-23
Oracle	ELSA-2013-0168	2013-01-23
Oracle	ELSA-2013-0168	2013-01-23
Scientific Linux	SL-kern-20130123	2013-01-23
Debian	DSA-2636-1	2013-03-01
Debian	DSA-2636-2	2013-03-03
openSUSE	openSUSE-SU-2013:0636-1	2013-04-08
openSUSE	openSUSE-SU-2013:0637-1	2013-04-08

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds