VYPR
Unrated severityNVD Advisory· Published Jun 12, 2012· Updated Jun 16, 2026

CVE-2012-0217

CVE-2012-0217

Description

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

30
  • cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*range: <=6.0.2
    • cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*
    • (no CPE)range: <=6.0.2
  • FreeBSD/FreeBSD2 versions
    cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*range: <=9.0
    • (no CPE)range: <9.0-RELEASE-p3
  • Illumos/Illumos2 versions
    cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*range: <=r13723
    • (no CPE)range: <r13724
  • Joyent/Smartos2 versions
    cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*range: <=20120614
    • (no CPE)range: <20120614T184600Z
  • cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*
    • (no CPE)range: <=SP1
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*
    • (no CPE)range: <=R2 SP1
  • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
  • NetBSD/NetBSD2 versions
    cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*range: <=6.0
    • (no CPE)range: <=6.0 Beta
  • cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
    Range: <=5.11
  • Xen/Xen9 versions
    cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*range: <=4.1.2
    • cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*
    • (no CPE)range: <=4.1.2
  • Range: <=11

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.