Vulnerability-Lookup

CVE-2010-4255 (GCVE-0-2010-4255)

Vulnerability from cvelistv5 – Published: 2011-01-25 00:00 – Updated: 2024-08-07 03:34

Summary

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

GSD-2010-4255

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-4255

Aliases

CVE-2010-4255

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-4255",
    "description": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.",
    "id": "GSD-2010-4255",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-4255.html",
      "https://access.redhat.com/errata/RHSA-2011:0017",
      "https://linux.oracle.com/cve/CVE-2010-4255.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-4255"
      ],
      "details": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.",
      "id": "GSD-2010-4255",
      "modified": "2023-12-13T01:21:29.667091Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2010-4255",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/46397",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/46397"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
          },
          {
            "name": "http://secunia.com/advisories/42884",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42884"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2011-0017.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
          },
          {
            "name": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html",
            "refsource": "MISC",
            "url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
          },
          {
            "name": "http://openwall.com/lists/oss-security/2010/11/30/5",
            "refsource": "MISC",
            "url": "http://openwall.com/lists/oss-security/2010/11/30/5"
          },
          {
            "name": "http://openwall.com/lists/oss-security/2010/11/30/8",
            "refsource": "MISC",
            "url": "http://openwall.com/lists/oss-security/2010/11/30/8"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=658155",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-4255"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20101130 Re: CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://openwall.com/lists/oss-security/2010/11/30/8"
            },
            {
              "name": "[xen-devel] 20101129 [PATCH] x86-64: don\u0027t crash Xen upon direct pv guest access",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
            },
            {
              "name": "[oss-security] 20101130 CVE request: xen: x86-64: don\u0027t crash Xen upon direct pv guest access",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://openwall.com/lists/oss-security/2010/11/30/5"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=658155",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
            },
            {
              "name": "RHSA-2011:0017",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
            },
            {
              "name": "42884",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42884"
            },
            {
              "name": "46397",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/46397"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
            },
            {
              "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-10T20:07Z",
      "publishedDate": "2011-01-25T01:00Z"
    }
  }
}

GHSA-3X4P-CW57-CGF8

Vulnerability from github – Published: 2022-05-14 02:42 – Updated: 2022-05-14 02:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-4255"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-01-25T01:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.",
  "id": "GHSA-3x4p-cw57-cgf8",
  "modified": "2022-05-14T02:42:25Z",
  "published": "2022-05-14T02:42:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4255"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
    },
    {
      "type": "WEB",
      "url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2010/11/30/5"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2010/11/30/8"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42884"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2011-AVI-571

Vulnerability from certfr_avis - Published: 2011-10-18 - Updated: 2011-10-18

De nombreuses vulnérabilités présentes dans des bibliothèques tierces parties utilisées par VMWare ESX et VMWare ESXi ont été corrigées.

Description

VMWare a corrigé un nombre conséquent de vulnérabilités dans des bibliothèques tierces utilisées par VMWare ESX et VMWare ESXi.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	ESXi	VMWare ESXi 4.0.
	VMware	ESXi	VMWare ESX 4.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMWare WMSA-2011-0012 du 12 octobre 2011	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2011-0012 du 12 octobre 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMWare ESXi 4.0.",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMWare ESX 4.0 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nVMWare a corrig\u00e9 un nombre cons\u00e9quent de vuln\u00e9rabilit\u00e9s dans des\nbiblioth\u00e8ques tierces utilis\u00e9es par VMWare ESX et VMWare ESXi.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-1083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1083"
    },
    {
      "name": "CVE-2011-1010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1010"
    },
    {
      "name": "CVE-2010-4346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4346"
    },
    {
      "name": "CVE-2010-3477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3477"
    },
    {
      "name": "CVE-2010-4263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4263"
    },
    {
      "name": "CVE-2010-3859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3859"
    },
    {
      "name": "CVE-2011-1494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1494"
    },
    {
      "name": "CVE-2010-4255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4255"
    },
    {
      "name": "CVE-2010-2938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2938"
    },
    {
      "name": "CVE-2010-4072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4072"
    },
    {
      "name": "CVE-2010-4655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4655"
    },
    {
      "name": "CVE-2010-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3865"
    },
    {
      "name": "CVE-2010-4343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4343"
    },
    {
      "name": "CVE-2010-3877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3877"
    },
    {
      "name": "CVE-2011-1659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1659"
    },
    {
      "name": "CVE-2010-4526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4526"
    },
    {
      "name": "CVE-2010-0296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0296"
    },
    {
      "name": "CVE-2010-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4249"
    },
    {
      "name": "CVE-2010-4251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4251"
    },
    {
      "name": "CVE-2010-3086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3086"
    },
    {
      "name": "CVE-2011-0282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0282"
    },
    {
      "name": "CVE-2011-1090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1090"
    },
    {
      "name": "CVE-2010-3442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3442"
    },
    {
      "name": "CVE-2010-4161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4161"
    },
    {
      "name": "CVE-2010-3015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3015"
    },
    {
      "name": "CVE-2011-1478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1478"
    },
    {
      "name": "CVE-2010-4157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4157"
    },
    {
      "name": "CVE-2011-0536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0536"
    },
    {
      "name": "CVE-2010-3699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3699"
    },
    {
      "name": "CVE-2010-3066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3066"
    },
    {
      "name": "CVE-2010-3067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3067"
    },
    {
      "name": "CVE-2010-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4248"
    },
    {
      "name": "CVE-2010-2942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2942"
    },
    {
      "name": "CVE-2010-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4243"
    },
    {
      "name": "CVE-2011-1658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1658"
    },
    {
      "name": "CVE-2010-3880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3880"
    },
    {
      "name": "CVE-2010-3858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3858"
    },
    {
      "name": "CVE-2010-3904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3904"
    },
    {
      "name": "CVE-2010-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4247"
    },
    {
      "name": "CVE-2010-3296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3296"
    },
    {
      "name": "CVE-2010-3078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3078"
    },
    {
      "name": "CVE-2010-4073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4073"
    },
    {
      "name": "CVE-2011-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1071"
    },
    {
      "name": "CVE-2010-1323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1323"
    },
    {
      "name": "CVE-2011-0521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0521"
    },
    {
      "name": "CVE-2010-4075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4075"
    },
    {
      "name": "CVE-2010-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4083"
    },
    {
      "name": "CVE-2011-0281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0281"
    },
    {
      "name": "CVE-2010-4081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4081"
    },
    {
      "name": "CVE-2010-2492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2492"
    },
    {
      "name": "CVE-2010-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3876"
    },
    {
      "name": "CVE-2011-1095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1095"
    },
    {
      "name": "CVE-2010-4080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4080"
    },
    {
      "name": "CVE-2010-4238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4238"
    },
    {
      "name": "CVE-2010-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4242"
    },
    {
      "name": "CVE-2010-2798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2798"
    },
    {
      "name": "CVE-2011-0710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0710"
    },
    {
      "name": "CVE-2010-4158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4158"
    },
    {
      "name": "CVE-2010-3432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3432"
    },
    {
      "name": "CVE-2010-2943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2943"
    },
    {
      "name": "CVE-2011-1495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1495"
    }
  ],
  "initial_release_date": "2011-10-18T00:00:00",
  "last_revision_date": "2011-10-18T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2011-0012 du 12 octobre    2011 :",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    }
  ],
  "reference": "CERTA-2011-AVI-571",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans des biblioth\u00e8ques tierces\nparties utilis\u00e9es par \u003cspan class=\"textit\"\u003eVMWare ESX\u003c/span\u003e et \u003cspan\nclass=\"textit\"\u003eVMWare ESXi\u003c/span\u003e ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans VMWare ESX et ESXi",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMWare WMSA-2011-0012 du 12 octobre 2011",
      "url": null
    }
  ]
}

FKIE_CVE-2010-4255

Vulnerability from fkie_nvd - Published: 2011-01-25 01:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html	Patch
secalert@redhat.com	http://openwall.com/lists/oss-security/2010/11/30/5	Patch
secalert@redhat.com	http://openwall.com/lists/oss-security/2010/11/30/8	Patch
secalert@redhat.com	http://secunia.com/advisories/42884
secalert@redhat.com	http://secunia.com/advisories/46397
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2011-0017.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/520102/100/0/threaded
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2011-0012.html
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=658155	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2010/11/30/5	Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2010/11/30/8	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42884
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46397
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0017.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/520102/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2011-0012.html
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=658155	Patch

Impacted products

Vendor	Product	Version
citrix	xen	*
citrix	xen	3.0.2
citrix	xen	3.0.3
citrix	xen	3.0.4
citrix	xen	3.1.2
citrix	xen	3.1.3
citrix	xen	3.1.4
citrix	xen	3.2.0
citrix	xen	3.2.1
citrix	xen	3.2.2
citrix	xen	3.2.3
citrix	xen	3.3.0
citrix	xen	3.3.1
citrix	xen	3.3.2
citrix	xen	3.4.0
citrix	xen	3.4.1
citrix	xen	3.4.2
citrix	xen	3.4.3
citrix	xen	4.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD35CC3-597F-4518-9E10-C320C4B11B73",
              "versionEndIncluding": "4.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97BF124-C4F1-452D-B5B4-0EBDB01E0DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C9A466D-2E51-4662-8E85-8F5FA7B94A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C42C6DE-F11E-454E-AA0A-7466E74A904A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "819A8279-F973-48B3-9F6A-774CEAD10922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFAB978D-9364-4DB4-872B-CD52FA271F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "296411C1-F3EB-4D2E-9F95-3F6BA9FE4C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EAB8E4-99D5-4970-AAAD-1762F0A2CD02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7CB6DD9-1E32-4242-9DAB-082F03769723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E65CBEF-76BD-4FCC-8094-15B93E98515F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C258D5F5-970D-42E8-BE0F-AAC993AE2819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29D50CDE-9F80-4C2E-A1F4-530B6C2D8E6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C9A065-28F1-4C60-86B6-DBB33ABEAE80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C8B74D-535D-48FF-8982-BCC28CB7EF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0BD93F4-FF44-46BD-B9BA-0A13A210B238",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50786C9D-CBE1-4CA7-A159-2DACEA9FC739",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8BA4D2F-47C9-4127-92B3-21F91C73FCC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "905310D3-4E25-4C03-9D9A-6658FC307632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB3C3E5-3A28-4CC6-806F-8B47CD4C9FC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n fixup_page_fault en arch/x86/traps.c en Xen v.4.0.1 y anteriores sobre plataformas 64-bit, cuando se activa la paravirtualizaci\u00f3n, no verifica que el modo kernel est\u00e1 usado para llamar a la funci\u00f3n handle_gdt_ldt_mapping_fault, lo que permite a los usuarios invitados del sistema operativo provocar una denegaci\u00f3n de servicio (host OS BUG_ON) a trav\u00e9s de un acceso de memoria manipulado."
    }
  ],
  "id": "CVE-2010-4255",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-25T01:00:01.393",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2010/11/30/5"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2010/11/30/8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42884"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2010/11/30/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2010/11/30/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=658155"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-4255 (GCVE-0-2010-4255)

GSD-2010-4255

GHSA-3X4P-CW57-CGF8

CERTA-2011-AVI-571

Description

Solution

FKIE_CVE-2010-4255

Tags

Sightings

Nomenclature