Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2010-4255

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.1%
CVSS Severity
CVSS v2 Score 6.1
References
Products affected by CVE-2010-4255
  • Citrix » Xen » Version: Any
    cpe:2.3:a:citrix:xen:*
  • Citrix » Xen » Version: 3.0.2
    cpe:2.3:a:citrix:xen:3.0.2
  • Citrix » Xen » Version: 3.0.3
    cpe:2.3:a:citrix:xen:3.0.3
  • Citrix » Xen » Version: 3.0.4
    cpe:2.3:a:citrix:xen:3.0.4
  • Citrix » Xen » Version: 3.1.2
    cpe:2.3:a:citrix:xen:3.1.2
  • Citrix » Xen » Version: 3.1.3
    cpe:2.3:a:citrix:xen:3.1.3
  • Citrix » Xen » Version: 3.1.4
    cpe:2.3:a:citrix:xen:3.1.4
  • Citrix » Xen » Version: 3.2.0
    cpe:2.3:a:citrix:xen:3.2.0
  • Citrix » Xen » Version: 3.2.1
    cpe:2.3:a:citrix:xen:3.2.1
  • Citrix » Xen » Version: 3.2.2
    cpe:2.3:a:citrix:xen:3.2.2
  • Citrix » Xen » Version: 3.2.3
    cpe:2.3:a:citrix:xen:3.2.3
  • Citrix » Xen » Version: 3.3.0
    cpe:2.3:a:citrix:xen:3.3.0
  • Citrix » Xen » Version: 3.3.1
    cpe:2.3:a:citrix:xen:3.3.1
  • Citrix » Xen » Version: 3.3.2
    cpe:2.3:a:citrix:xen:3.3.2
  • Citrix » Xen » Version: 3.4.0
    cpe:2.3:a:citrix:xen:3.4.0
  • Citrix » Xen » Version: 3.4.1
    cpe:2.3:a:citrix:xen:3.4.1
  • Citrix » Xen » Version: 3.4.2
    cpe:2.3:a:citrix:xen:3.4.2
  • Citrix » Xen » Version: 3.4.3
    cpe:2.3:a:citrix:xen:3.4.3
  • Citrix » Xen » Version: 4.0.0
    cpe:2.3:a:citrix:xen:4.0.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved