REDHAT-BUG-851193
First published: Thu Aug 23 2012(Updated: )
PHYSDEVOP_map_pirq with MAP_PIRQ_TYPE_GSI does not range check map->index. A malicious HVM guest kernel can crash the host. It might also be able to read hypervisor or guest memory. All Xen systems running HVM guests are vulnerable. PV guests are not vulnerable. Acknowledgements: Red Hat would like to thank the Xen project for reporting this issue. Upstream acknowledges Matthew Daley as the original reporter.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xen Hypervisor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-851193?
The severity of REDHAT-BUG-851193 is high due to the potential for HVM guest kernels to crash the host and access hypervisor or guest memory.
How do I fix REDHAT-BUG-851193?
To fix REDHAT-BUG-851193, update to a patched version of the Xen Hypervisor that addresses this vulnerability.
Which versions of Xen Hypervisor are affected by REDHAT-BUG-851193?
All Xen systems running HVM guests are affected by REDHAT-BUG-851193.
Can PV guests be impacted by REDHAT-BUG-851193?
No, PV guests are not vulnerable to REDHAT-BUG-851193.
What are the potential consequences of exploiting REDHAT-BUG-851193?
Exploitation of REDHAT-BUG-851193 could lead to host crashes and unauthorized access to sensitive memory.
- collector/redhat-bugzilla
- alias/CVE-2012-3498
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/xen
- canonical/xen hypervisor