Launchpad CVE tracker

CVE 2012-4539

Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability."

Related bugs and status

CVE-2012-4539 (Candidate) is related to these bugs:

Bug #1086801: xen: security advisories 20-25

		In	Importance	Status
1086801	xen: security advisories 20-25	xen (Ubuntu)	Medium	Fix Released
1086801	xen: security advisories 20-25	xen (Ubuntu Raring)	Medium	Fix Released
1086801	xen: security advisories 20-25	xen (Ubuntu Quantal)	Medium	Fix Released
1086801	xen: security advisories 20-25	xen (Ubuntu Precise)	Medium	Fix Released
1086801	xen: security advisories 20-25	xen (Ubuntu Oneiric)	Medium	Fix Released

Bug #1086875: xen: security advisories 26-32

		In	Importance	Status
1086875	xen: security advisories 26-32	xen (Ubuntu)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Raring)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Quantal)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Precise)	Medium	Fix Released
1086875	xen: security advisories 26-32	xen (Ubuntu Oneiric)	Medium	Fix Released

Bug #1176209: Import problem caused by duplicate message ID

		In	Importance	Status
1176209	Import problem caused by duplicate message ID	xen (Ubuntu)	Low	Invalid
1176209	Import problem caused by duplicate message ID	xen (Ubuntu Precise)	Low	Fix Released
1176209	Import problem caused by duplicate message ID	xen (Ubuntu Quantal)	Low	Fix Released

Bug #1180396: Xen stable update to 4.1.5

		In	Importance	Status
1180396	Xen stable update to 4.1.5	xen (Ubuntu)	Low	Invalid
1180396	Xen stable update to 4.1.5	xen (Ubuntu Precise)	Medium	Fix Released
1180396	Xen stable update to 4.1.5	xen (Ubuntu Quantal)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-4539

References