1. Home
  2. CVE Database
  3. CVE-2012-6034
MEDIUM · 4.4

CVE-2012-6034

The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check i...

Vulnerability Description

The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service (memory corruption and host crash) or execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others.

CVSS Score

4.4

MEDIUM

AV:L/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
XenXen4.0.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2012-6034?

CVE-2012-6034 is a vulnerability with a CVSS score of 4.4 (MEDIUM). The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check i...

How severe is CVE-2012-6034?

CVE-2012-6034 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-6034?

Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen.