CVE-2010-0730 — Improper Input Validation in Redhat Enterprise Linux

CWE-20 — Improper Input Validation5 documents5 sources

Severity

2.6LOWNVD

EPSS

3.3%

top 12.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

7

Redhat Enterprise Linux Redhat Enterprise Linux Desktop Vmware Esxi +4 more

Timeline

PublishedMay 12

Latest updateMay 2

Description

The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulation.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages6 packages

▶NVDredhat/enterprise_linux_desktop5.0

▶vmwarevmware/esxi

▶vmwarevmware/vmware_tools

▶vmwarevmware/vmware_vsphere

▶vmwarevmware/vmware_workstation

Also affects: Enterprise Linux 5, 5.0

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

1

GHSA

GHSA-f4p2-64fc-c2r9: The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2↗2022-05-02

▶

📋Vendor Advisories

2

VMware

Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX↗2011-02-10

▶

Red Hat

xen: emulator instruction decoding inconsistency↗2010-05-06

▶

💬Community

1

Bugzilla

CVE-2010-0730 xen: emulator instruction decoding inconsistency↗2010-03-12

▶