HOMEVULNERABILITIESCVE-2012-0217
HIGHPOC

CVE-2012-0217

CWE-119Published: June 12, 2012· Updated: Jun 16, 2026

7.2
CVSS v3.1

Official Description

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.

NVD Source

Technical Analysis

CVE-2012-0217 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A proof-of-concept (PoC) exploit exists for CVE-2012-0217. While not yet confirmed in active campaigns, the availability of PoC code increases exploitation risk substantially.

From a weakness classification perspective (CWE-119): Buffer overflow vulnerabilities can lead to arbitrary code execution or denial of service by corrupting adjacent memory.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorLocal
Attack ComplexityLow
Privileges Req.
User Interaction
Scope
Impact
ConfidentialityC
IntegrityC
AvailabilityC
AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors & Products

citrix1 product(s)
xenserver
freebsd1 product(s)
freebsd
illumos1 product(s)
illumos
joyent1 product(s)
smartos
Microsoft4 product(s)
windows 7windows server 2003windows server 2008windows xp
netbsd1 product(s)
netbsd
sun1 product(s)
sunos
xen1 product(s)
xen
Source: NVD CPE · 19 total CPE entries

Exploit & PoC Resources

POC AVAILABLEProof-of-concept code exists
External links open in a new tab. Always verify in a controlled environment before use.

All References (46)

Quick Facts

CVE IDCVE-2012-0217
CVSS Score7.2 / 10
SeverityHIGH
WeaknessCWE-119
CISA KEVNo
ExploitPOC
Affected8 vendor(s)
PublishedJun 12, 2012

Related CVEs (CWE-119)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2012-0217 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.