Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
BID:39979
Info
Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
| Bugtraq ID: | 39979 |
| Class: | Input Validation Error |
| CVE: |
CVE-2010-0730 |
| Remote: | No |
| Local: | Yes |
| Published: | May 06 2010 12:00AM |
| Updated: | Feb 11 2011 05:19PM |
| Credit: | Paolo Bonzini |
| Vulnerable: |
VMWare ESX Server 4.1 VMWare ESX Server 4.0 RedHat Enterprise Linux 5 server Red Hat Enterprise Linux Desktop 5 client Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya IQ 4.1 Avaya IQ 5 Avaya Aura System Platform 1.1 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 1.1 Avaya Aura Communication Manager 5.2 Avaya Aura Application Enablement Services 5.2 |
| Not Vulnerable: |
VMWare ESX Server 4.1 ESX410-201101201 |
Discussion
Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
Red Hat Xen is prone to a denial-of-service vulnerability because of an error in the memory-mapped I/O (MMIO) decoder implementation.
An attacker in the guest operating system can exploit this issue to cause the guest to crash, by using the hypervisor to emulate the affected MMIO instruction. Successful attacks will result in a denial-of-service condition in the guest.
This issue affects 32 bit guests on the Xen implementation for Red Hat Enterprise Linux 5.
Red Hat Xen is prone to a denial-of-service vulnerability because of an error in the memory-mapped I/O (MMIO) decoder implementation.
An attacker in the guest operating system can exploit this issue to cause the guest to crash, by using the hypervisor to emulate the affected MMIO instruction. Successful attacks will result in a denial-of-service condition in the guest.
This issue affects 32 bit guests on the Xen implementation for Red Hat Enterprise Linux 5.
Exploit / POC
Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Red Hat Xen MMIO Instruction Decoder Local Guest Denial Of Service Vulnerability
References:
References: