CVE-2012-4537
EPSS 0.11%
Description
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability."
How to fix CVE-2012-4537
To remediate CVE-2012-4537, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.1.3-4 or later
Is CVE-2012-4537 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.1.3-4