ID CVE-2010-3699
Summary The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.
References
Vulnerable Configurations
  • cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*
CVSS
Base: 2.7 (as of 10-10-2018 - 20:05)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:A/AC:L/Au:S/C:N/I:N/A:P
redhat via4
advisories
rhsa
id RHSA-2011:0004
rpms
  • kernel-0:2.6.18-194.32.1.el5
  • kernel-PAE-0:2.6.18-194.32.1.el5
  • kernel-PAE-devel-0:2.6.18-194.32.1.el5
  • kernel-debug-0:2.6.18-194.32.1.el5
  • kernel-debug-devel-0:2.6.18-194.32.1.el5
  • kernel-devel-0:2.6.18-194.32.1.el5
  • kernel-doc-0:2.6.18-194.32.1.el5
  • kernel-headers-0:2.6.18-194.32.1.el5
  • kernel-kdump-0:2.6.18-194.32.1.el5
  • kernel-kdump-devel-0:2.6.18-194.32.1.el5
  • kernel-xen-0:2.6.18-194.32.1.el5
  • kernel-xen-devel-0:2.6.18-194.32.1.el5
refmap via4
bid 45039
bugtraq 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
confirm
sectrack 1024786
secunia
  • 42372
  • 42789
  • 43056
  • 46397
suse SUSE-SA:2011:005
vupen
  • ADV-2011-0024
  • ADV-2011-0213
Last major update 10-10-2018 - 20:05
Published 08-12-2010 - 20:00
Back to Top