Back to search
CVE-2010-2938
Published: Oct 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2010:0723
vendor-advisory
x_refsource_REDHAT
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
43578
vdb-entry
x_refsource_BID
46397
third-party-advisory
x_refsource_SECUNIA
http://xenbits.xensource.com/xen-unstable.hg?rev/15911
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
http://support.avaya.com/css/P8/documents/100113326
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=620490
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now