Alpine: multiple xen packages: security update to 4.1.2-r9 (deprecated)

high Tenable Cloud Security Plugin ID 401336

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2
and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS
before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows
Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running
on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a
canonical address, which allows local users to gain privileges via a crafted application. NOTE: because
this issue is due to incorrect use of the Intel specification, it should have been split into separate
identifiers; however, there was some value in preserving the original mapping of the multi-codebase
coordinated-disclosure effort to a single identifier. (CVE-2012-0217)

- Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter
instruction, does not properly clear a flag for exception injection when injecting a General Protection
Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering
an exception that would normally be handled within Xen. (CVE-2012-0218)

- Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a
certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via
sequential execution of instructions across a non-canonical boundary, a different vulnerability than
CVE-2012-0217. (CVE-2012-2934)

See Also

https://git.alpinelinux.org/aports/commit/?id=5ea246f3ae270c02ead13231f79923cc1b5a411a

https://git.alpinelinux.org/aports/commit/?id=be9fdf040952f1d584775c20c39632a62de34c48

Plugin Details

Severity: High

ID: 401336

Version: Revision 1.32

Type: Local

Published: 8/16/2023

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Critical

Score: 9.5

Percentile: 99.86

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-0217

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/12/2012

Vulnerability Publication Date: 6/12/2012

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (FreeBSD Intel SYSRET Privilege Escalation)

Reference Information

CVE: CVE-2012-0217, CVE-2012-0218, CVE-2012-2934

BID: 53856, 53955, 53961