CVE-2012-0217
Published Jun 12, 2012
Last updated 4 years ago
Overview
- Description
- The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
- Source
- security@debian.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Evaluator
- Comment
- -
- Impact
- Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-042 'This vulnerability only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2. Systems with AMD or ARM-based CPUs are not affected by this vulnerability.'
- Solution
- Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-042 'This vulnerability only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2. Systems with AMD or ARM-based CPUs are not affected by this vulnerability.'
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F7B2CC9-2907-49AF-8497-CE60554123F4",
"versionEndIncluding": "9.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8F4D46A-B031-4639-AA94-5E44091F4B92",
"versionEndIncluding": "r13723"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F2DF32E-26A0-4463-85DD-6E63C125E606",
"versionEndIncluding": "20120614"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5037783-1819-4FC5-B7A7-EB80F6A98E1F",
"versionEndIncluding": "4.1.2"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2"
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2AF9820-F982-4804-9580-78CDD4273C6B",
"versionEndIncluding": "6.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "696972CD-A690-4DDC-A852-1253062AE874",
"versionEndIncluding": "5.11"
}
],
"operator": "OR"
}
]
}
]