Vulnerability Details CVE-2010-3699
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.4%
CVSS Severity
CVSS v2 Score 2.7
References
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
- http://secunia.com/advisories/42372
- http://secunia.com/advisories/42789
- http://secunia.com/advisories/43056
- http://secunia.com/advisories/46397
- http://www.redhat.com/support/errata/RHSA-2011-0004.html
- http://www.securityfocus.com/archive/1/520102/100/0/threaded
- http://www.securityfocus.com/bid/45039
- http://www.securitytracker.com/id?1024786
- http://www.vmware.com/security/advisories/VMSA-2011-0012.html
- http://www.vupen.com/english/advisories/2011/0024
- http://www.vupen.com/english/advisories/2011/0213
- http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
- http://secunia.com/advisories/42372
- http://secunia.com/advisories/42789
- http://secunia.com/advisories/43056
- http://secunia.com/advisories/46397
- http://www.redhat.com/support/errata/RHSA-2011-0004.html
- http://www.securityfocus.com/archive/1/520102/100/0/threaded
- http://www.securityfocus.com/bid/45039
- http://www.securitytracker.com/id?1024786
- http://www.vmware.com/security/advisories/VMSA-2011-0012.html
- http://www.vupen.com/english/advisories/2011/0024
- http://www.vupen.com/english/advisories/2011/0213
- http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b
Products affected by CVE-2010-3699
-
cpe:2.3:a:citrix:xen:3.0.2
-
cpe:2.3:a:citrix:xen:3.0.3
-
cpe:2.3:a:citrix:xen:3.0.4
-
cpe:2.3:a:citrix:xen:3.1.3
-
cpe:2.3:a:citrix:xen:3.1.4
-
cpe:2.3:a:citrix:xen:3.2.0
-
cpe:2.3:a:citrix:xen:3.2.1
-
cpe:2.3:a:citrix:xen:3.2.2
-
cpe:2.3:a:citrix:xen:3.2.3
-
cpe:2.3:a:citrix:xen:3.3.0
-
cpe:2.3:a:citrix:xen:3.3.1
-
cpe:2.3:a:citrix:xen:3.3.2
-
cpe:2.3:a:citrix:xen:3.4.0
-
cpe:2.3:a:citrix:xen:3.4.1
-
cpe:2.3:a:citrix:xen:3.4.2
-
cpe:2.3:a:citrix:xen:3.4.3