Search criteria
18 vulnerabilities found for xen by citrix
CVE-2011-3262 (GCVE-0-2011-3262)
Vulnerability from nvd – Published: 2011-08-19 20:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to \"Lack of error checking in the decompression loop.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to \"Lack of error checking in the decompression loop.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3262",
"datePublished": "2011-08-19T20:00:00",
"dateReserved": "2011-08-19T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1898 (GCVE-0-2011-1898)
Vulnerability from nvd – Published: 2011-08-12 18:00 – Updated: 2024-08-06 22:46
VLAI?
Summary
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2011:0942",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by \"using DMA to generate MSI interrupts by writing to the interrupt injection registers.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2011:0942",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by \"using DMA to generate MSI interrupts by writing to the interrupt injection registers.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2011:0942",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"name": "http://xen.org/download/index_4.0.2.html",
"refsource": "CONFIRM",
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"refsource": "MLIST",
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"name": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf",
"refsource": "MISC",
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"name": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html",
"refsource": "MISC",
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1898",
"datePublished": "2011-08-12T18:00:00",
"dateReserved": "2011-05-04T00:00:00",
"dateUpdated": "2024-08-06T22:46:00.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1583 (GCVE-0-2011-1583)
Vulnerability from nvd – Published: 2011-08-12 18:00 – Updated: 2024-08-06 22:28
VLAI?
Summary
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:42.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "RHSA-2011:0496",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0496.html"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "RHSA-2011:0496",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0496.html"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1583",
"datePublished": "2011-08-12T18:00:00",
"dateReserved": "2011-04-05T00:00:00",
"dateUpdated": "2024-08-06T22:28:42.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4255 (GCVE-0-2010-4255)
Vulnerability from nvd – Published: 2011-01-25 00:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
},
{
"name": "[oss-security] 20101130 CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "[xen-devel] 20101129 [PATCH] x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
},
{
"name": "[oss-security] 20101130 Re: CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
},
{
"name": "[oss-security] 20101130 CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "[xen-devel] 20101129 [PATCH] x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
},
{
"name": "[oss-security] 20101130 Re: CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4255",
"datePublished": "2011-01-25T00:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4238 (GCVE-0-2010-4238)
Vulnerability from nvd – Published: 2011-01-22 21:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "45795",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45795"
},
{
"name": "xen-vdbcreate-dos(64698)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "45795",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45795"
},
{
"name": "xen-vdbcreate-dos(64698)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4238",
"datePublished": "2011-01-22T21:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4247 (GCVE-0-2010-4247)
Vulnerability from nvd – Published: 2011-01-11 01:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "45029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45029"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "35093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35093"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"
},
{
"name": "[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "45029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45029"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "35093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35093"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"
},
{
"name": "[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4247",
"datePublished": "2011-01-11T01:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3699 (GCVE-0-2010-3699)
Vulnerability from nvd – Published: 2010-12-08 19:00 – Updated: 2024-08-07 03:18
VLAI?
Summary
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "43056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43056"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "1024786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024786"
},
{
"name": "SUSE-SA:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
},
{
"name": "42372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
},
{
"name": "45039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45039"
},
{
"name": "ADV-2011-0213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0213"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "43056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43056"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "1024786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024786"
},
{
"name": "SUSE-SA:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
},
{
"name": "42372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
},
{
"name": "45039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45039"
},
{
"name": "ADV-2011-0213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0213"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3699",
"datePublished": "2010-12-08T19:00:00",
"dateReserved": "2010-10-01T00:00:00",
"dateUpdated": "2024-08-07T03:18:53.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5716 (GCVE-0-2008-5716)
Vulnerability from nvd – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
VLAI?
Summary
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "xen-xend-xenstore-dos(47668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xend in Xen 3.3.0 does not properly restrict a guest VM\u0027s write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "xen-xend-xenstore-dos(47668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5716",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xend in Xen 3.3.0 does not properly restrict a guest VM\u0027s write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "xen-xend-xenstore-dos(47668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5716",
"datePublished": "2008-12-24T17:00:00",
"dateReserved": "2008-12-24T00:00:00",
"dateUpdated": "2024-08-07T11:04:44.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4405 (GCVE-0-2008-4405)
Vulnerability from nvd – Published: 2008-10-03 17:18 – Updated: 2024-08-07 10:17
VLAI?
Summary
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-2709",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM\u0027s write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-2709",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM\u0027s write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=464817",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"name": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70",
"refsource": "CONFIRM",
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=464818",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4405",
"datePublished": "2008-10-03T17:18:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3262 (GCVE-0-2011-3262)
Vulnerability from cvelistv5 – Published: 2011-08-19 20:00 – Updated: 2024-08-06 23:29
VLAI?
Summary
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to \"Lack of error checking in the decompression loop.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to \"Lack of error checking in the decompression loop.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "xen-xcdombzimageloader-dos(69381)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69381"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3262",
"datePublished": "2011-08-19T20:00:00",
"dateReserved": "2011-08-19T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1898 (GCVE-0-2011-1898)
Vulnerability from cvelistv5 – Published: 2011-08-12 18:00 – Updated: 2024-08-06 22:46
VLAI?
Summary
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2011:0942",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by \"using DMA to generate MSI interrupts by writing to the interrupt injection registers.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2011:0942",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1898",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by \"using DMA to generate MSI interrupts by writing to the interrupt injection registers.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2011:0942",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html"
},
{
"name": "http://xen.org/download/index_4.0.2.html",
"refsource": "CONFIRM",
"url": "http://xen.org/download/index_4.0.2.html"
},
{
"name": "[xen-dev] 20110512 Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI",
"refsource": "MLIST",
"url": "http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html"
},
{
"name": "FEDORA-2011-8403",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html"
},
{
"name": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf",
"refsource": "MISC",
"url": "http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf"
},
{
"name": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html",
"refsource": "MISC",
"url": "http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html"
},
{
"name": "openSUSE-SU-2011:0941",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html"
},
{
"name": "FEDORA-2011-8421",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1898",
"datePublished": "2011-08-12T18:00:00",
"dateReserved": "2011-05-04T00:00:00",
"dateUpdated": "2024-08-06T22:46:00.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1583 (GCVE-0-2011-1583)
Vulnerability from cvelistv5 – Published: 2011-08-12 18:00 – Updated: 2024-08-06 22:28
VLAI?
Summary
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:42.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "RHSA-2011:0496",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0496.html"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[Xen-devel] 20110509 Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html"
},
{
"name": "RHSA-2011:0496",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2011-0496.html"
},
{
"name": "[Xen-devel] 20110509 Re: Xen security advisory CVE-2011-1583 - pv kernel image validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1583",
"datePublished": "2011-08-12T18:00:00",
"dateReserved": "2011-04-05T00:00:00",
"dateUpdated": "2024-08-06T22:28:42.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4255 (GCVE-0-2010-4255)
Vulnerability from cvelistv5 – Published: 2011-01-25 00:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
},
{
"name": "[oss-security] 20101130 CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "[xen-devel] 20101129 [PATCH] x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
},
{
"name": "[oss-security] 20101130 Re: CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
},
{
"name": "[oss-security] 20101130 CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "[xen-devel] 20101129 [PATCH] x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
},
{
"name": "[oss-security] 20101130 Re: CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2010/11/30/8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4255",
"datePublished": "2011-01-25T00:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4238 (GCVE-0-2010-4238)
Vulnerability from cvelistv5 – Published: 2011-01-22 21:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "45795",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45795"
},
{
"name": "xen-vdbcreate-dos(64698)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.centos.org/bug_view_advanced_page.php?bug_id=4517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=655623"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "RHSA-2011:0017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "42884",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42884"
},
{
"name": "45795",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45795"
},
{
"name": "xen-vdbcreate-dos(64698)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64698"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4238",
"datePublished": "2011-01-22T21:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4247 (GCVE-0-2010-4247)
Vulnerability from cvelistv5 – Published: 2011-01-11 01:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "45029",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45029"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "35093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35093"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"
},
{
"name": "[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "45029",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45029"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "35093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35093"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"
},
{
"name": "[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4247",
"datePublished": "2011-01-11T01:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3699 (GCVE-0-2010-3699)
Vulnerability from cvelistv5 – Published: 2010-12-08 19:00 – Updated: 2024-08-07 03:18
VLAI?
Summary
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "43056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43056"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "1024786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024786"
},
{
"name": "SUSE-SA:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
},
{
"name": "42372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
},
{
"name": "45039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45039"
},
{
"name": "ADV-2011-0213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0213"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "42789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42789"
},
{
"name": "43056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43056"
},
{
"name": "ADV-2011-0024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0024"
},
{
"name": "RHSA-2011:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "1024786",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024786"
},
{
"name": "SUSE-SA:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
},
{
"name": "42372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b"
},
{
"name": "45039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45039"
},
{
"name": "ADV-2011-0213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0213"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3699",
"datePublished": "2010-12-08T19:00:00",
"dateReserved": "2010-10-01T00:00:00",
"dateUpdated": "2024-08-07T03:18:53.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5716 (GCVE-0-2008-5716)
Vulnerability from cvelistv5 – Published: 2008-12-24 17:00 – Updated: 2024-08-07 11:04
VLAI?
Summary
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "xen-xend-xenstore-dos(47668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xend in Xen 3.3.0 does not properly restrict a guest VM\u0027s write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "xen-xend-xenstore-dos(47668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5716",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xend in Xen 3.3.0 does not properly restrict a guest VM\u0027s write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "xen-xend-xenstore-dos(47668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47668"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html"
},
{
"name": "[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html"
},
{
"name": "31499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2008/12/19/1"
},
{
"name": "[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5716",
"datePublished": "2008-12-24T17:00:00",
"dateReserved": "2008-12-24T00:00:00",
"dateUpdated": "2024-08-07T11:04:44.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4405 (GCVE-0-2008-4405)
Vulnerability from cvelistv5 – Published: 2008-10-03 17:18 – Updated: 2024-08-07 10:17
VLAI?
Summary
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-2709",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM\u0027s write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-2709",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM\u0027s write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2709",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2709"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=464817",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464817"
},
{
"name": "MDVSA-2009:016",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:016"
},
{
"name": "32064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32064"
},
{
"name": "[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html"
},
{
"name": "SUSE-SR:2009:015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
},
{
"name": "[oss-security] 20080930 CVE Request (xen)",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2008/09/30/6"
},
{
"name": "RHSA-2009:0003",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0003.html"
},
{
"name": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70",
"refsource": "CONFIRM",
"url": "http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70"
},
{
"name": "[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration",
"refsource": "MLIST",
"url": "http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html"
},
{
"name": "31499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31499"
},
{
"name": "oval:org.mitre.oval:def:10627",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627"
},
{
"name": "1020955",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020955"
},
{
"name": "[oss-security] 20081004 Re: CVE Request (xen)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/04/3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=464818",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464818"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4405",
"datePublished": "2008-10-03T17:18:00",
"dateReserved": "2008-10-03T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}