CVE-2012-5513
EPSS 0.14%
Description
The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
How to fix CVE-2012-5513
To remediate CVE-2012-5513, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.1.3-5 or later
Is CVE-2012-5513 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.1.3-5