CVE-2010-4247
published 2011-01-11CVE-2010-4247: The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and…
PriorityP417medium5.5CVSS 2.0
AVAACLAuSCNINAC
EPSS
0.73%
49.4th percentile
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | xen | <= 3.3.2 | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| citrix | xen | — | — |
| vmware | vmware_esxi | — | — |
| vmware | vmware_workstation | — | — |
| vmware | vsphere | — | — |
CVSS provenance
nvdv2.05.5MEDIUMAV:A/AC:L/Au:S/C:N/I:N/A:C
vendor_redhat5.5MEDIUM
vendor_ubuntu1.9LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9hwc-j324-r98v: The do_block_io_op function in (1) drivers/xen/blkback/blkback
ghsa_unreviewed·2022-05-14
CVE-2010-4247 [MEDIUM] CWE-20 GHSA-9hwc-j324-r98v: The do_block_io_op function in (1) drivers/xen/blkback/blkback
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
VMware
VMware ESX third party updates for Service Console packages glibc and dhcp
vendor_vmware·2011-10-12·CVSS 4.7
CVE-2010-0296 [MEDIUM] VMware ESX third party updates for Service Console packages glibc and dhcp
VMSA-2011-0012: VMware ESX third party updates for Service Console packages glibc and dhcp
a. ESX third party update for Service Console kernel This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. The Common Vulnerabilities and Exposures project ( cve.mitre.org) has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CV
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2011-07-15·CVSS 1.9
CVE-2010-4247 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Multiple kernel flaws have been fixed.
Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)
It was discovered that Xen did not correctly handle certain block requests.
A local attacker in a Xen guest could cause the Xen host to use all
available CPU resources, leading to a denial of service. (CVE-2010-4247)
It was discovered that the ICMP stack did not correctly handle certain
unreachable messages. If a remote attacker were able to acquire a socket
lock, they could send specially crafted traffic that would crash the
system, leading to a denial of service. (C
Red Hat
xen: request-processing loop is unbounded in blkback
vendor_redhat·2008-01-18·CVSS 5.5
CVE-2010-4247 [MEDIUM] xen: request-processing loop is unbounded in blkback
xen: request-processing loop is unbounded in blkback
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/35093http://secunia.com/advisories/42789http://secunia.com/advisories/46397http://www.openwall.com/lists/oss-security/2010/11/23/1http://www.openwall.com/lists/oss-security/2010/11/24/8http://www.redhat.com/support/errata/RHSA-2011-0004.htmlhttp://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://www.securityfocus.com/bid/45029http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttp://www.vupen.com/english/advisories/2011/0024http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251chttp://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91dhttps://bugzilla.redhat.com/show_bug.cgi?id=656206http://secunia.com/advisories/35093http://secunia.com/advisories/42789http://secunia.com/advisories/46397http://www.openwall.com/lists/oss-security/2010/11/23/1http://www.openwall.com/lists/oss-security/2010/11/24/8http://www.redhat.com/support/errata/RHSA-2011-0004.htmlhttp://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://www.securityfocus.com/bid/45029http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttp://www.vupen.com/english/advisories/2011/0024http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251chttp://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91dhttps://bugzilla.redhat.com/show_bug.cgi?id=656206
2011-01-11
Published