REDHAT-BUG-572971
First published: Fri Mar 12 2010(Updated: )
Paolo Bonzini found a bug in Xen hypervisor that can be used to crash the guest. Malicious guest userspace process can trick the hypervisor into emulating instruction that causes the crash if it has access to an MMIO region. The bug can be exploited because of an inconsistency between instruction decoding tables and the actual MMIO instruction decoder implementation.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xen Hypervisor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-572971?
REDHAT-BUG-572971 has a high severity as it allows a malicious guest userspace process to crash the hypervisor.
How do I fix REDHAT-BUG-572971?
To fix REDHAT-BUG-572971, users should apply the latest security updates provided by their distribution for the Xen Hypervisor.
Who is affected by REDHAT-BUG-572971?
The vulnerability REDHAT-BUG-572971 affects systems running the Xen Hypervisor.
What causes the vulnerability REDHAT-BUG-572971?
The vulnerability REDHAT-BUG-572971 is caused by an inconsistency between instruction execution and memory management in the Xen hypervisor.
Can REDHAT-BUG-572971 be exploited remotely?
No, REDHAT-BUG-572971 requires a malicious user in the guest environment to exploit the vulnerability.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-0730
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/xen project
- canonical/xen hypervisor