CVE-2011-2519 — NULL Pointer Dereference in Redhat Enterprise Linux Desktop

CWE-476 — NULL Pointer Dereference8 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 66.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Redhat Enterprise Linux Desktop Redhat Enterprise Linux Server +4 more

Timeline

PublishedDec 27

Latest updateMay 13

Description

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 5.1 | Impact: 6.9

Affected Packages7 packages

▶NVDredhat/enterprise_linux_server5.0

▶NVDredhat/enterprise_linux_desktop5.0

▶NVDredhat/enterprise_linux_workstation5.0

▶NVDxen/xen< 3.3.0

▶debiandebian/xen

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-7vg8-g6px-4578: Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (inval↗2022-05-13

▶

📋Vendor Advisories

Microsoft

CVE-2011-2519: NIST NVD Details: https://nvd↗2020-09-08

▶

Red Hat

kernel: xen: x86_emulate: fix SAHF emulation↗2011-08-30

▶

Debian

CVE-2011-2519: xen - Xen in the Linux kernel, when running a guest on a host without hardware assiste...↗2011

▶

Red Hat

php-pear: symlink vulnerability in PEAR installer↗2010-11-14

▶

💬Community

Bugzilla

CVE-2011-2519 kernel: xen: x86_emulate: fix SAHF emulation [fedora-all]↗2012-03-01

▶

Bugzilla

CVE-2011-2519 kernel: xen: x86_emulate: fix SAHF emulation↗2011-07-05

▶