CVE-2012-0217

Severity: Unknown | EPSS: 37.46%

CVE-2012-0217 is a vulnerability of currently unknown severity. The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier. EPSS estimates a 37.46% chance of exploitation in the next 30 days.

Description

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.

Metrics

EPSS Probability: 37.46% (98.3rd percentile)

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

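| Vendor | Product | Versions | Update |
|---|---|---|---|
| Freebsd | Freebsd | <= 9.0 | |
| Illumos | Illumos | <= r13723 | |
| Joyent | Smartos | <= 20120614 | |
| Xen | Xen | <= 4.1.2 | |
| Xen | Xen | 4.0.0 | |
| Xen | Xen | 4.0.1 | |
| Xen | Xen | 4.0.2 | |
| Xen | Xen | 4.0.3 | |
| Xen | Xen | 4.0.4 | |
| Xen | Xen | 4.1.0 | |
| Xen | Xen | 4.1.1 | |
| Microsoft | Windows 7 | All versions | |
| Microsoft | Windows Server 2003 | All versions | Sp2 |
| Microsoft | Windows Server 2008 | r2 | |
| Microsoft | Windows Xp | All versions | Sp3 |
| Citrix | Xenserver | <= 6.0.2 | |
| Citrix | Xenserver | 6.0 | |
| Netbsd | Netbsd | <= 6.0 | Beta |
| Sun | Sunos | <= 5.11 | |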

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2012-0217?
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
How severe is CVE-2012-0217?
Severity scoring for CVE-2012-0217 is pending analysis. The EPSS model estimates a 37.46% probability of exploitation in the next 30 days.
How do I fix CVE-2012-0217?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST