Red Hat Customer Portal

Skip to main content

CVE-2012-5511

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image.

Details Source

Mitre

Statement

Not vulnerable.
This issue did not affect the versions of the kernel-xen package as shipped with Red Hat Enterprise Linux 5.
This issue did not affect Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as we did not have support for Xen hypervisor.

Public Date

2012-12-03 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-5511 CVE-2012-6333 kernel: xen: several HVM operations do not validate the range of their inputs

Bugzilla ID

877 365

CVSS Status

draft

Base Score

5.50

Base Metrics

AV:A/AC:L/Au:S/C:N/I:N/A:C

Acknowledgements

Red Hat would like to thank the Xen project for reporting this issue.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 kernel-xen Not affected