ID CVE-2011-1936
Summary Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
    cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 25-02-2014 - 14:10)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:A/AC:H/Au:N/C:N/I:N/A:C
redhat via4
advisories
rhsa
id RHSA-2011:0927
rpms
  • kernel-0:2.6.18-238.19.1.el5
  • kernel-PAE-0:2.6.18-238.19.1.el5
  • kernel-PAE-debuginfo-0:2.6.18-238.19.1.el5
  • kernel-PAE-devel-0:2.6.18-238.19.1.el5
  • kernel-debug-0:2.6.18-238.19.1.el5
  • kernel-debug-debuginfo-0:2.6.18-238.19.1.el5
  • kernel-debug-devel-0:2.6.18-238.19.1.el5
  • kernel-debuginfo-0:2.6.18-238.19.1.el5
  • kernel-debuginfo-common-0:2.6.18-238.19.1.el5
  • kernel-devel-0:2.6.18-238.19.1.el5
  • kernel-doc-0:2.6.18-238.19.1.el5
  • kernel-headers-0:2.6.18-238.19.1.el5
  • kernel-kdump-0:2.6.18-238.19.1.el5
  • kernel-kdump-debuginfo-0:2.6.18-238.19.1.el5
  • kernel-kdump-devel-0:2.6.18-238.19.1.el5
  • kernel-xen-0:2.6.18-238.19.1.el5
  • kernel-xen-debuginfo-0:2.6.18-238.19.1.el5
  • kernel-xen-devel-0:2.6.18-238.19.1.el5
refmap via4
mlist [oss-security] 20110707 CVE-2011-1780, CVE-2011-1936, kernel/xen issues
Last major update 25-02-2014 - 14:10
Published 07-01-2014 - 19:55
Last modified 25-02-2014 - 14:10
Back to Top