CVE-2010-4247

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-4247
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.

5.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:S/C:N/I:N/A:C

Exploitability : 5.1 / Impact : 6.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://secunia.com/advisories/35093 Vendor Advisory
http://secunia.com/advisories/42789
http://secunia.com/advisories/46397
http://www.openwall.com/lists/oss-security/2010/11/23/1 Patch
http://www.openwall.com/lists/oss-security/2010/11/24/8 Patch
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/45029
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0024
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c Patch
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d Patch
https://bugzilla.redhat.com/show_bug.cgi?id=656206 Patch
http://secunia.com/advisories/35093 Vendor Advisory
http://secunia.com/advisories/42789
http://secunia.com/advisories/46397
http://www.openwall.com/lists/oss-security/2010/11/23/1 Patch
http://www.openwall.com/lists/oss-security/2010/11/24/8 Patch
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/45029
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0024
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c Patch
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d Patch
https://bugzilla.redhat.com/show_bug.cgi?id=656206 Patch
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*
History

21 Nov 2024, 01:20

Type Values Removed Values Added
References () http://secunia.com/advisories/35093 - Vendor Advisory () http://secunia.com/advisories/35093 - Vendor Advisory
References () http://secunia.com/advisories/42789 - () http://secunia.com/advisories/42789 -
References () http://secunia.com/advisories/46397 - () http://secunia.com/advisories/46397 -
References () http://www.openwall.com/lists/oss-security/2010/11/23/1 - Patch () http://www.openwall.com/lists/oss-security/2010/11/23/1 - Patch
References () http://www.openwall.com/lists/oss-security/2010/11/24/8 - Patch () http://www.openwall.com/lists/oss-security/2010/11/24/8 - Patch
References () http://www.redhat.com/support/errata/RHSA-2011-0004.html - () http://www.redhat.com/support/errata/RHSA-2011-0004.html -
References () http://www.securityfocus.com/archive/1/520102/100/0/threaded - () http://www.securityfocus.com/archive/1/520102/100/0/threaded -
References () http://www.securityfocus.com/bid/45029 - () http://www.securityfocus.com/bid/45029 -
References () http://www.vmware.com/security/advisories/VMSA-2011-0012.html - () http://www.vmware.com/security/advisories/VMSA-2011-0012.html -
References () http://www.vupen.com/english/advisories/2011/0024 - () http://www.vupen.com/english/advisories/2011/0024 -
References () http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c - Patch () http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c - Patch
References () http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d - Patch () http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d - Patch
References () https://bugzilla.redhat.com/show_bug.cgi?id=656206 - Patch () https://bugzilla.redhat.com/show_bug.cgi?id=656206 - Patch

07 Nov 2023, 02:06

Type Values Removed Values Added
Summary The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
Information

Published : 2011-01-11 03:00

Updated : 2024-11-21 01:20

NVD link : CVE-2010-4247

Mitre link : CVE-2010-4247

CVE.ORG link : CVE-2010-4247

JSON object : View

Products Affected

linux

  • linux_kernel

citrix

  • xen
CWE
CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024