Denial of Service in Xen 3.x Backend Driver by Xen Project
CVE-2010-3699

Currently unrated

Key Information:

Vendor
Citrix
Status
Vendor
CVE Published:
8 December 2010

Summary

A vulnerability in the backend driver of Xen 3.x allows unauthorized users within guest operating systems to exploit a kernel thread leak. This exploit can result in a denial of service, manifesting as the inability to properly shut down the device and guest OS, leading to the creation of zombie domains or causing hangs in monitoring tools such as zenwatch. Additionally, it compromises the proper execution of certain xm commands, specifically relating to netback, blkback, and blktap.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.