CVE Reference: CVE-2012-2625

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-2625

Description:
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image.

CVE Status:
Candidate

References:

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html
  http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html
  http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html
  http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html
  http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html
  http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html
  http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html

ST
  1027090

SAID
  Secunia Advisory: SA49184
  Secunia Advisory: SA51413

REDHAT
  http://rhn.redhat.com/errata/RHSA-2012-1130.html

MLIST
  http://www.openwall.com/lists/oss-security/2012/10/26/3

MISC
  http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1817

CONFIRM
  http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe

BID
  53650


Return to the previous page.