CVE-2010-4238
published 2011-01-22CVE-2010-4238: The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of…
PriorityP418medium5.5CVSS 2.0
AVAACLAuSCNINAC
EPSS
0.97%
57.5th percentile
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | xen | — | — |
| vmware | vmware_esxi | — | — |
| vmware | vmware_workstation | — | — |
| vmware | vsphere | — | — |
CVSS provenance
nvdv2.05.5MEDIUMAV:A/AC:L/Au:S/C:N/I:N/A:C
vendor_redhat5.5MEDIUM
vendor_ubuntu1.9LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VMware
VMware ESX third party updates for Service Console packages glibc and dhcp
vendor_vmware·2011-10-12·CVSS 4.7
CVE-2010-0296 [MEDIUM] VMware ESX third party updates for Service Console packages glibc and dhcp
VMSA-2011-0012: VMware ESX third party updates for Service Console packages glibc and dhcp
a. ESX third party update for Service Console kernel This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. The Common Vulnerabilities and Exposures project ( cve.mitre.org) has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CV
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2011-08-09·CVSS 1.9
CVE-2010-4249 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Multiple kernel flaws have been fixed.
Dan Rosenberg discovered that IPC structures were not correctly initialized
on 64bit systems. A local attacker could exploit this to read kernel stack
memory, leading to a loss of privacy. (CVE-2010-4073)
Steve Chen discovered that setsockopt did not correctly check MSS values. A
local attacker could make a specially crafted socket call to crash the
system, leading to a denial of service. (CVE-2010-4165)
Vladymyr Denysov discovered that Xen virtual CD-ROM devices were not
handled correctly. A local attacker in a guest could make crafted blkback
requests that would crash the host, leading to a denial of service.
(CVE-2010-4238)
Vegard Nossum discovered that memory garbage collection was not handled
corr
Red Hat
kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
vendor_redhat·2010-09-20·CVSS 5.5
CVE-2010-4238 [MEDIUM] kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
GHSA
GHSA-q68m-xchw-w886: The vbd_create function in Xen 3
ghsa_unreviewed·2022-05-14
CVE-2010-4238 [MEDIUM] GHSA-q68m-xchw-w886: The vbd_create function in Xen 3
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-4238 kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
bugzilla·2010-11-22·CVSS 5.5
CVE-2010-4238 [MEDIUM] CVE-2010-4238 kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
CVE-2010-4238 kernel: Xen Dom0 crash with Windows 2008 R2 64bit DomU + GPLPV
Description of problem:
Dom0 crashes when installing GPLPV drivers on Windows 2008 R2 guest.
Xen version: 3.1.2-194.11.3.el5
Dom0 kernel: 2.6.18-194.11.3.el5xen
GPLPV: gplpv_Vista2008x64_0.11.0.213.msi and older
Redirected to serial console output:
Unable to handle kernel NULL pointer dereference at 0000000000000108 RIP:
[] :blkbk:update_blkif_status+0x21f/0x2ae
PGD 0
Oops: 0000 [1] SMP
last sysfs file: /class/net/lo/ifindex
CPU 2
Modules linked in: tun xfs ocfs2(U) ipt_MASQUERADE netloop iptable_nat ip_nat
netbk blktap blkbk mptctl mptbase ipmi_watchdog ipmi_si(U) ipmi_devintf(U)
ipmi_msghandler(U) autofs4 hidp l2cap bluetooth ocfs2_dlmfs(U) ocfs2_dlm(U)
ocfs2_nodemanager(U) configfs lockd sunrpc bonding ip_c
Bugzilla
CVE-2010-2117 Firefox: DoS (resource consumption) via JavaScript source with loop of invalid (1) news:// or (2) nntp:// URIs
bugzilla·2010-06-02·CVSS 4.3
CVE-2010-2117 [MEDIUM] CVE-2010-2117 Firefox: DoS (resource consumption) via JavaScript source with loop of invalid (1) news:// or (2) nntp:// URIs
CVE-2010-2117 Firefox: DoS (resource consumption) via JavaScript source with loop of invalid (1) news:// or (2) nntp:// URIs
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2117 to
the following vulnerability:
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to
cause a denial of service (resource consumption) via JavaScript code
containing an infinite loop that creates IFRAME elements for invalid
(1) news:// or (2) nntp:// URIs.
References:
[1] http://www.securityfocus.com/archive/1/archive/1/511509/100/0/threaded
[2] http://websecurity.com.ua/4238/
Discussion:
Statement:
The Red Hat Security Response Team does not consider a user assisted denial of service (and potential crash) of end user application, such a Firefox, to be a security issue.
http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517http://secunia.com/advisories/42884http://secunia.com/advisories/46397http://www.redhat.com/support/errata/RHSA-2011-0017.htmlhttp://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://www.securityfocus.com/bid/45795http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=655623https://exchange.xforce.ibmcloud.com/vulnerabilities/64698http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517http://secunia.com/advisories/42884http://secunia.com/advisories/46397http://www.redhat.com/support/errata/RHSA-2011-0017.htmlhttp://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://www.securityfocus.com/bid/45795http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=655623https://exchange.xforce.ibmcloud.com/vulnerabilities/64698
2011-01-22
Published