Published: 11/01/2011 Updated: 07/11/2023

CVSS v2 Base Score: 5.5 | Impact Score: 6.9 | Exploitability Score: 5.1

VMScore: 490

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:C

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen prior to 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix xen
citrix xen 3.0.2
citrix xen 3.0.3
citrix xen 3.0.4
citrix xen 3.1.3
citrix xen 3.1.4
citrix xen 3.2.0
citrix xen 3.2.1
citrix xen 3.2.2
citrix xen 3.2.3
citrix xen 3.3.0
citrix xen 3.3.1

Multiple kernel flaws have been fixed ...

CWE-20 http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c http://www.securityfocus.com/bid/45029 http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d http://www.openwall.com/lists/oss-security/2010/11/23/1 https://bugzilla.redhat.com/show_bug.cgi?id=656206 http://secunia.com/advisories/35093 http://www.openwall.com/lists/oss-security/2010/11/24/8 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.vupen.com/english/advisories/2011/0024 http://secunia.com/advisories/42789 http://secunia.com/advisories/46397 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://www.securityfocus.com/archive/1/520102/100/0/threaded https://usn.ubuntu.com/1170-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4247

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect