CVE-2010-4247

Currently unrated

Key Information:

Vendor: Citrix
Status: Xen
Vendor: CVE Published:; 11 January 2011

Summary

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.

References

http://secunia.com/advisories/42789

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2011/0024

vdb-entryx_refsource_VUPEN

http://www.redhat.com/support/errata/RHSA-2011-0004.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Jan 11, 2011
Vulnerability Reserved
Nov 16, 2010

Collectors

NVD DatabaseMitre Database