CVE-2010-3699

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.

References

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html

http://secunia.com/advisories/42372

http://secunia.com/advisories/42789

http://secunia.com/advisories/43056

http://secunia.com/advisories/46397

http://www.redhat.com/support/errata/RHSA-2011-0004.html

http://www.securityfocus.com/archive/1/520102/100/0/threaded

http://www.securityfocus.com/bid/45039

http://www.securitytracker.com/id?1024786

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

http://www.vupen.com/english/advisories/2011/0024

http://www.vupen.com/english/advisories/2011/0213

http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b

Details

Source: MITRE

Published: 2010-12-08

Updated: 2018-10-10

Type: CWE-399

Risk Information

CVSS v2

Base Score: 2.7

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 5.1

Severity: LOW

Tenable Plugins

View all (13 total)

IDNameProductFamilySeverity
89680VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check)NessusMisc.
high
75554openSUSE Security Update : kernel (openSUSE-SU-2011:0399-1)NessusSuSE Local Security Checks
high
68176Oracle Linux 5 : kernel (ELSA-2011-0004)NessusOracle Linux Local Security Checks
high
60929Scientific Linux Security Update : kernel on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
59154SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7304)NessusSuSE Local Security Checks
medium
56508VMSA-2011-0012 : VMware ESXi and ESX updates to third-party libraries and ESX Service ConsoleNessusVMware ESX Local Security Checks
high
53740openSUSE Security Update : kernel (openSUSE-SU-2011:0346-1)NessusSuSE Local Security Checks
high
52597SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 4039 / 4042 / 4043)NessusSuSE Local Security Checks
high
52475Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1)NessusUbuntu Local Security Checks
high
51818Debian DSA-2153-1 : linux-2.6 - privilege escalation/denial of service/information leakNessusDebian Local Security Checks
high
51752SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7303)NessusSuSE Local Security Checks
medium
51426CentOS 5 : kernel (CESA-2011:0004)NessusCentOS Local Security Checks
high
51417RHEL 5 : kernel (RHSA-2011:0004)NessusRed Hat Local Security Checks
high