Page 72 of 374 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0

CVE-2010-4255 – xen: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area

https://notcve.org/view.php?id=CVE-2010-4255

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access. La función fixup_page_fault en arch/x86/traps.c en Xen v.4.0.1 y anteriores sobre plataformas 64-bit, cuando se activa la paravirtualización, no verifica que el modo kernel está usado para llamar a la función handle_gdt_ldt_mapping_fault, lo que permite a los usuarios invitados del sistema operativo provocar una denegación de servicio (host OS BUG_ON) a través de un acceso de memoria manipulado. • http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html http://openwall.com/lists/oss-security/2010/11/30/5 http://openwall.com/lists/oss-security/2010/11/30/8 http://secunia.com/advisories/42884 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0017.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2

CVE-2010-4238 – kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV

https://notcve.org/view.php?id=CVE-2010-4238

The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information. La función vbd_create de Xen 3.1.2, cuando el kernel de Linux 2.6.18 de Red Hat Enterprise Linux (RHEL) 5 es utilizado, permite a usuarios del SO invitados provocar una denegación de servicio (excepción "panic" del SO del equipo) a través de un intento de acceso a un dispositivo de CD-ROM virtual a través del controlador blkback. NOTA: algunos de estos detalles han sido obtenidos de terceras partes. • http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517 http://secunia.com/advisories/42884 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0017.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45795 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=655623 https://exchange.xforce.ibmcloud.com/vulnerabilities/64698 https://access& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2010-4247 – xen: request-processing loop is unbounded in blkback

https://notcve.org/view.php?id=CVE-2010-4247

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. La función do_block_io_op en (1) ldrivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c en Xen anterior a v3.4.0 para el kernel Linux v2.6.18, y posiblemente otras versiones, permite a los usuarios invitados del sistema operativo causar una denegación de servicio (bucle infinito y el consumo de CPU) a través de un gran índice de producción de peticiones a los controladores blkback o blktap back-end. NOTA: algunos de estos detalles han sido obtenidos de información de terceros. • http://secunia.com/advisories/35093 http://secunia.com/advisories/42789 http://secunia.com/advisories/46397 http://www.openwall.com/lists/oss-security/2010/11/23/1 http://www.openwall.com/lists/oss-security/2010/11/24/8 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45029 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://www.vupen.com/ • CWE-20: Improper Input Validation •

CVSS: 2.7EPSS: 0%CPEs: 16EXPL: 0

CVE-2010-3699 – kernel: guest->host denial of service from invalid xenbus transitions

https://notcve.org/view.php?id=CVE-2010-3699

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap. El driver backend en Xen v3.x permite a usuarios del OS causar una denegación de servicio a través de una fuga en el hilo del kernel, lo que evita que el dispositivo y el invitado OS sean apagados o se cree un dominio zombie, causando una caída en zenwatch, o impida que comandos sin especificar xm trabajen de forma adecuada, relacionado con (1) netback, (2) blkback, o (3) blktap. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://secunia.com/advisories/42372 http://secunia.com/advisories/42789 http://secunia.com/advisories/43056 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45039 http://www.securitytracker.com/id?1024786 http://www.vmware.com/security/advisories/VMSA-2011-0012.html ht • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2010-2070 – /kernel/security/CVE-2006-0742 test cause kernel-xen panic on ia64

https://notcve.org/view.php?id=CVE-2010-2070

arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742. arch/ia64/xen/faults.c en Xen v3.4 y v4.0 en el kernel de Linux v2.6.18, y posiblemente otras versiones, cuando se ejecuta sobre arquitecturas IA-64, permite a usuarios locales provocar una denegación de servicio y "activar BE mediante la modificación de la máscara de usuario del PSR". Como se ha demostrado explotando el CVE-2006-0742. • http://osvdb.org/65541 http://secunia.com/advisories/43315 http://www.openwall.com/lists/oss-security/2010/06/10/2 http://www.redhat.com/support/errata/RHSA-2010-0610.html http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www.securityfocus.com/bid/40776 http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://xenbits.xensource.com/xen-4.0-testing.hg?rev/42caadb14edb https://bugzilla.redhat.com/show_bug.cgi?id=586415 https://exchange •