Lucene search

[email protected]CVE-2010-4238

HistoryJan 22, 2011 - 10:00 p.m.

CVE-2010-4238

2011-01-2222:00:03

CWE-264

[email protected]

web.nvd.nist.gov

xen

vbd_create

denial of service

blkback driver

cve-2010-4238

security vulnerability

5.5 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:N/I:N/A:C

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

citrixxenMatch3.1.2

AND

linuxlinux_kernelMatch2.6.18

redhatenterprise_linuxMatch5

CPENameOperatorVersion
citrix:xencitrix xeneq3.1.2

CPE	Name	Operator	Version
citrix:xen	citrix xen	eq	3.1.2

References

bugs.centos.org/bug_view_advanced_page.php?bug_id=4517

secunia.com/advisories/42884

secunia.com/advisories/46397

www.redhat.com/support/errata/RHSA-2011-0017.html

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/45795

www.vmware.com/security/advisories/VMSA-2011-0012.html

bugzilla.redhat.com/show_bug.cgi?id=655623

exchange.xforce.ibmcloud.com/vulnerabilities/64698

5.5 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:N/I:N/A:C

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

Related for CVE-2010-4238

veracode1 ubuntucve1 nvd1 cvelist1 prion1 redhat1 nessus5 openvas7 ubuntu1 oraclelinux1 vmware2