ID CVE-2010-2938
Summary arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 10-10-2018 - 20:00)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
redhat via4
advisories
rhsa
id RHSA-2010:0723
rpms
  • kernel-0:2.6.18-194.17.1.el5
  • kernel-PAE-0:2.6.18-194.17.1.el5
  • kernel-PAE-devel-0:2.6.18-194.17.1.el5
  • kernel-debug-0:2.6.18-194.17.1.el5
  • kernel-debug-devel-0:2.6.18-194.17.1.el5
  • kernel-devel-0:2.6.18-194.17.1.el5
  • kernel-doc-0:2.6.18-194.17.1.el5
  • kernel-headers-0:2.6.18-194.17.1.el5
  • kernel-kdump-0:2.6.18-194.17.1.el5
  • kernel-kdump-devel-0:2.6.18-194.17.1.el5
  • kernel-xen-0:2.6.18-194.17.1.el5
  • kernel-xen-devel-0:2.6.18-194.17.1.el5
refmap via4
bid 43578
bugtraq 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
confirm
secunia 46397
Last major update 10-10-2018 - 20:00
Published 08-10-2010 - 21:00
Back to Top