1. Home
  2. Vulnerabilities
  3. CVE-2010-2938

CVE-2010-2938

CVSS v2.0 4.9 (Medium)
49% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 2
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when an Intel platform without Extended Page Tables (EPT) functionality is used, accesses VMCS fields without verifying hardware support for these fields, which allows local users to cause a denial of service (host OS crash) by requesting a VMCS dump for a fully virtualized Xen guest.

Weaknesses
CWE-399
Resource Management Errors
Related CVEs
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2010-10-08 21:00:02
(14 years ago)
Updated Date
2018-10-10 20:00:22
(6 years ago)

Affected Products

Linux

Redhat

Configuration #1

AND
    CPE23 From Up To
OR  
  Linux Kernel 2.6.18 cpe:2.3:o:linux:linux_kernel:2.6.18
OR  
  Running on/with
  Redhat Enterprise Linux 5 cpe:2.3:o:redhat:enterprise_linux:5