Lucene search

[email protected]CVE-2010-2938

HistoryOct 08, 2010 - 9:00 p.m.

CVE-2010-2938

2010-10-0821:00:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2010-2938

vmcs

linux kernel

rhel 5

denial of service (dos)

nvd

7.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.18

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.18

References

secunia.com/advisories/46397

support.avaya.com/css/P8/documents/100113326

www.redhat.com/support/errata/RHSA-2010-0723.html

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/43578

www.vmware.com/security/advisories/VMSA-2011-0012.html

xenbits.xensource.com/xen-unstable.hg?rev/15911

bugzilla.redhat.com/show_bug.cgi?id=620490

7.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2010-2938

prion2 veracode1 debiancve1 seebug1 ubuntucve1 cve1 openvas7 nessus5 centos1 redhat1 oraclelinux2 vmware2