DSA-2531-1 xen -- Denial of ServiceID: oval:org.secpod.oval:def:600870 | Date: (C)2012-08-24 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several denial-of-service vulnerabilities have been discovered in Xen, the popular virtualization software. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2012-3432 Guest mode unprivileged code, which has been granted the privilege to access MMIO regions, may leverage that access to crash the whole guest. Since this be used to crash a client from within, this vulnerability is consider with low impact. CVE-2012-3433 A guest kernel can cause the host to become unresponsive for a period of time, potentially leading to a DoS. Since an attacker with full control in the guest can impact on the host, this vulnerability is consider with high impact.