fkie_nvd - fkie_cve-2010-3699

fkie_cve-2010-3699

Vulnerability from fkie_nvd

Published

2010-12-08 20:00

Modified

2024-11-21 01:19

Severity ?

Summary

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
secalert@redhat.com	http://secunia.com/advisories/42372	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/42789
secalert@redhat.com	http://secunia.com/advisories/43056
secalert@redhat.com	http://secunia.com/advisories/46397
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2011-0004.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/520102/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/45039
secalert@redhat.com	http://www.securitytracker.com/id?1024786
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2011-0012.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0024
secalert@redhat.com	http://www.vupen.com/english/advisories/2011/0213
secalert@redhat.com	http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42372	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42789
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43056
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46397
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0004.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/520102/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45039
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024786
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0012.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0024
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0213
af854a3a-2127-422b-91ae-364da2661108	http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b	Patch

Impacted products

Vendor	Product	Version
citrix	xen	3.0.2
citrix	xen	3.0.3
citrix	xen	3.0.4
citrix	xen	3.1.3
citrix	xen	3.1.4
citrix	xen	3.2.0
citrix	xen	3.2.1
citrix	xen	3.2.2
citrix	xen	3.2.3
citrix	xen	3.3.0
citrix	xen	3.3.1
citrix	xen	3.3.2
citrix	xen	3.4.0
citrix	xen	3.4.1
citrix	xen	3.4.2
citrix	xen	3.4.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97BF124-C4F1-452D-B5B4-0EBDB01E0DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C9A466D-2E51-4662-8E85-8F5FA7B94A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C42C6DE-F11E-454E-AA0A-7466E74A904A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFAB978D-9364-4DB4-872B-CD52FA271F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "296411C1-F3EB-4D2E-9F95-3F6BA9FE4C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EAB8E4-99D5-4970-AAAD-1762F0A2CD02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7CB6DD9-1E32-4242-9DAB-082F03769723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E65CBEF-76BD-4FCC-8094-15B93E98515F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C258D5F5-970D-42E8-BE0F-AAC993AE2819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29D50CDE-9F80-4C2E-A1F4-530B6C2D8E6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C9A065-28F1-4C60-86B6-DBB33ABEAE80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C8B74D-535D-48FF-8982-BCC28CB7EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0BD93F4-FF44-46BD-B9BA-0A13A210B238",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50786C9D-CBE1-4CA7-A159-2DACEA9FC739",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8BA4D2F-47C9-4127-92B3-21F91C73FCC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "905310D3-4E25-4C03-9D9A-6658FC307632",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap."
    },
    {
      "lang": "es",
      "value": "El driver backend en Xen v3.x permite a usuarios del OS causar una denegaci\u00f3n de servicio a trav\u00e9s de una fuga en el hilo del kernel, lo que evita que el dispositivo y el invitado OS sean apagados o se cree un dominio zombie, causando una ca\u00edda en zenwatch, o impida que comandos sin especificar xm trabajen de forma adecuada, relacionado con (1) netback, (2) blkback, o (3) blktap."
    }
  ],
  "id": "CVE-2010-3699",
  "lastModified": "2024-11-21T01:19:25.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.7,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-12-08T20:00:01.087",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42372"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42789"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43056"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/45039"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1024786"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0024"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0213"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/45039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2010-3699

Vulnerability from cvelistv5

Published

2010-12-08 19:00

Modified

2024-08-07 03:18