Denial of Service Vulnerability in Xen 3.1.2 Affecting Red Hat Enterprise Linux
CVE-2010-4238

Currently unrated

Key Information:

Vendor: Citrix
Status
Vendor
CVE Published: 22 January 2011

Summary

The vbd_create function in Xen 3.1.2 is vulnerable when used with the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5. A malicious user of a guest operating system can trigger the flaw by accessing a virtual CD-ROM device through the blkback driver, potentially causing a denial of service in which the host OS becomes unresponsive and ultimately crashes. Because a host crash affects the stability and availability of the whole system, organizations should apply patches and updates promptly.
