CVE-2010-0730: Input Validation
First published: Fri Mar 12 2010(Updated: )
Paolo Bonzini found a bug in Xen hypervisor that can be used to crash the guest. Malicious guest userspace process can trick the hypervisor into emulating instruction that causes the crash if it has access to an MMIO region. The bug can be exploited because of an inconsistency between instruction decoding tables and the actual MMIO instruction decoder implementation.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | =5 | |
| Red Hat Enterprise Linux | =5 | |
| Red Hat Enterprise Linux | =5 | |
| Red Hat Enterprise Linux | =5-ga | |
| Red Hat Enterprise Linux | =5-ga | |
| Red Hat Enterprise Linux | =5-ga | |
| Red Hat Enterprise Linux | =5.0 | |
| redhat enterprise Linux desktop | =5.0 | |
| Linux Kernel | =2.6.18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2010-0398.html
- http://secunia.com/advisories/39649
- http://www.securityfocus.com/bid/39979
- https://bugzilla.redhat.com/show_bug.cgi?id=572971
- http://www.openwall.com/lists/oss-security/2010/05/07/1
- http://support.avaya.com/css/P8/documents/100088287
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://secunia.com/advisories/43315
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11430
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
- https://rhn.redhat.com/errata/RHSA-2010-0398.html
- http://people.redhat.com/jwilson/el5
- collector/nvd-historical
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/remedy
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-0730
- agent/event
- agent/trending
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5
- version/red hat enterprise linux/5-ga
- version/red hat enterprise linux/5.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/5.0
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.18