CVE-2010-4247 - OpenCVE

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information.

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:A/AC:L/Au:S/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel
Citrix	Xen

Configuration 1 [-]

AND

OR	cpe:2.3:a:citrix:xen::::::::
	cpe:2.3:a:citrix:xen:3.0.2:::::::*
	cpe:2.3:a:citrix:xen:3.0.3:::::::*
	cpe:2.3:a:citrix:xen:3.0.4:::::::*
	cpe:2.3:a:citrix:xen:3.1.3:::::::*
	cpe:2.3:a:citrix:xen:3.1.4:::::::*
	cpe:2.3:a:citrix:xen:3.2.0:::::::*
	cpe:2.3:a:citrix:xen:3.2.1:::::::*
	cpe:2.3:a:citrix:xen:3.2.2:::::::*
	cpe:2.3:a:citrix:xen:3.2.3:::::::*
	cpe:2.3:a:citrix:xen:3.3.0:::::::*
	cpe:2.3:a:citrix:xen:3.3.1:::::::*

cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/35093	Vendor Advisory
http://secunia.com/advisories/42789
http://secunia.com/advisories/46397
http://www.openwall.com/lists/oss-security/2010/11/23/1	Patch
http://www.openwall.com/lists/oss-security/2010/11/24/8	Patch
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/45029
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0024
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c	Patch
http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=656206	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2011-01-11T01:00:00

Updated: 2018-10-10T18:57:01

Reserved: 2010-11-16T00:00:00

Link: CVE-2010-4247

JSON object: View

NVD Information

Status : Modified

Published: 2011-01-11T03:00:04.063

Modified: 2023-11-07T02:06:14.867

Link: CVE-2010-4247

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-13T00:00:00", "descriptions": [{"lang": "en", "value": "The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "42789", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42789"}, {"name": "ADV-2011-0024", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0024"}, {"name": "RHSA-2011:0004", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"}, {"name": "45029", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45029"}, {"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"}, {"name": "46397", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46397"}, {"name": "35093", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35093"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"}, {"tags": ["x_refsource_MISC"], "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"}, {"name": "[oss-security] 20101123 CVE request: xen: request-processing loop is unbounded in blkback", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"}, {"tags": ["x_refsource_MISC"], "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"}, {"name": "[oss-security] 20101124 Re: CVE request: xen: request-processing loop is unbounded in blkback", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4247", "datePublished": "2011-01-11T01:00:00", "dateReserved": "2010-11-16T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "D74157F7-D69B-4FDF-B80E-325EACDB409B", "versionEndIncluding": "3.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D97BF124-C4F1-452D-B5B4-0EBDB01E0DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6C9A466D-2E51-4662-8E85-8F5FA7B94A04", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C42C6DE-F11E-454E-AA0A-7466E74A904A", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFAB978D-9364-4DB4-872B-CD52FA271F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "296411C1-F3EB-4D2E-9F95-3F6BA9FE4C7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "25EAB8E4-99D5-4970-AAAD-1762F0A2CD02", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7CB6DD9-1E32-4242-9DAB-082F03769723", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E65CBEF-76BD-4FCC-8094-15B93E98515F", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C258D5F5-970D-42E8-BE0F-AAC993AE2819", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29D50CDE-9F80-4C2E-A1F4-530B6C2D8E6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "55C9A065-28F1-4C60-86B6-DBB33ABEAE80", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La funci\u00f3n do_block_io_op en (1) ldrivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c en Xen anterior a v3.4.0 para el kernel Linux v2.6.18, y posiblemente otras versiones, permite a los usuarios invitados del sistema operativo causar una denegaci\u00f3n de servicio (bucle infinito y el consumo de CPU) a trav\u00e9s de un gran \u00edndice de producci\u00f3n de peticiones a los controladores blkback o blktap back-end. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."}], "id": "CVE-2010-4247", "lastModified": "2023-11-07T02:06:14.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-11T03:00:04.063", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35093"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42789"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/46397"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2010/11/23/1"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2010/11/24/8"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/45029"}, {"source": "secalert@redhat.com", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0024"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/7070d34f251c"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/77f831cbb91d"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=656206"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}