ID CVE-2009-1758
Summary The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.18:*:x86_32:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.18:*:x86_32:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:x86_32:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:x86_32:*:*:*:*:*
  • cpe:2.3:a:xen:xen:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:3.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:xen:xen:*:*:*:*:*:*:*:*
    cpe:2.3:a:xen:xen:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 29-09-2017 - 01:34)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
accepted 2013-04-29T04:04:31.508-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."
family unix
id oval:org.mitre.oval:def:10313
status accepted
submitted 2010-07-09T03:56:16-04:00
title The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."
version 24
redhat via4
advisories
bugzilla
id 504565
title e1000e: sporadic hang in netdump
oval
AND
  • comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhba:tst:20070304001
  • OR
    • AND
      • comment kernel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132002
      • comment kernel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304003
    • AND
      • comment kernel-devel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132004
      • comment kernel-devel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304005
    • AND
      • comment kernel-doc is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132022
      • comment kernel-doc is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304023
    • AND
      • comment kernel-hugemem is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132020
      • comment kernel-hugemem is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304021
    • AND
      • comment kernel-hugemem-devel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132018
      • comment kernel-hugemem-devel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304019
    • AND
      • comment kernel-largesmp is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132006
      • comment kernel-largesmp is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304017
    • AND
      • comment kernel-largesmp-devel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132016
      • comment kernel-largesmp-devel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304013
    • AND
      • comment kernel-smp is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132014
      • comment kernel-smp is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304009
    • AND
      • comment kernel-smp-devel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132008
      • comment kernel-smp-devel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304015
    • AND
      • comment kernel-xenU is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132012
      • comment kernel-xenU is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304011
    • AND
      • comment kernel-xenU-devel is earlier than 0:2.6.9-89.0.3.EL
        oval oval:com.redhat.rhsa:tst:20091132010
      • comment kernel-xenU-devel is signed with Red Hat master key
        oval oval:com.redhat.rhba:tst:20070304007
rhsa
id RHSA-2009:1132
released 2009-06-30
severity Important
title RHSA-2009:1132: kernel security and bug fix update (Important)
rpms
  • kernel-0:2.6.18-128.1.14.el5
  • kernel-PAE-0:2.6.18-128.1.14.el5
  • kernel-PAE-devel-0:2.6.18-128.1.14.el5
  • kernel-debug-0:2.6.18-128.1.14.el5
  • kernel-debug-devel-0:2.6.18-128.1.14.el5
  • kernel-devel-0:2.6.18-128.1.14.el5
  • kernel-doc-0:2.6.18-128.1.14.el5
  • kernel-headers-0:2.6.18-128.1.14.el5
  • kernel-kdump-0:2.6.18-128.1.14.el5
  • kernel-kdump-devel-0:2.6.18-128.1.14.el5
  • kernel-xen-0:2.6.18-128.1.14.el5
  • kernel-xen-devel-0:2.6.18-128.1.14.el5
  • kernel-0:2.6.9-89.0.3.EL
  • kernel-devel-0:2.6.9-89.0.3.EL
  • kernel-doc-0:2.6.9-89.0.3.EL
  • kernel-hugemem-0:2.6.9-89.0.3.EL
  • kernel-hugemem-devel-0:2.6.9-89.0.3.EL
  • kernel-largesmp-0:2.6.9-89.0.3.EL
  • kernel-largesmp-devel-0:2.6.9-89.0.3.EL
  • kernel-smp-0:2.6.9-89.0.3.EL
  • kernel-smp-devel-0:2.6.9-89.0.3.EL
  • kernel-xenU-0:2.6.9-89.0.3.EL
  • kernel-xenU-devel-0:2.6.9-89.0.3.EL
refmap via4
bid 34957
debian DSA-1809
mlist
  • [Xen-devel] 20090513 [PATCH] linux/i386: hypervisor_callback adjustments
  • [oss-security] 20090514 CVE Request: XEN local denial of service
secunia
  • 35093
  • 35298
statements via4
contributor Tomas Hoger
lastmodified 2009-09-10
organization Red Hat
statement This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, and Red Hat Enterprise MRG. It was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2009-1132.html and https://rhn.redhat.com/errata/RHSA-2009-1106.html .
Last major update 29-09-2017 - 01:34
Published 22-05-2009 - 11:52
Back to Top