OSVDB ID: 85200

Title: Xen XENMEM_populate_physmap Macro MEMF_populate_on_demand Flag Handling Local DoS

Info

Disclosure
Sep 05, 2012

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Sep 05, 2012

Description

 Xen contains a flaw that may allow a local denial of service. The issue is triggered when an error occurs when the XENMEM_populate_physmap macro is called with the MEMF_populate_on_demand flag set. This will result in loss of availability for the program via the

Classification

 Location: Local Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required

Solution

 Currently, there are no known workarounds or upgrades to correct this issue. However, the vendor has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Citrix Systems, Inc.

Xen

 4.1
4.0
4.2

XenServer

 5.0
5.0 Update 3
5.6
5.6 FP 1
5.6 SP 2
6.0
6.0.2

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/85200