Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 26 Jan 2011 06:46:34 +0800
From: Eugene Teo <>
CC: "Steven M. Christey" <>
Subject: CVE-2010-4238 xen dom0 issue

A missing sanity check was found in vbd_create() in the Xen hypervisor
implementation. As CD-ROM drives are not supported by the blkback 
back-end driver, attempting to use a virtual CD-ROM drive with blkback 
could trigger a denial of service (crash) on the host system running the 
Xen hypervisor.

This affects Red Hat Enterprise Linux 5 only. There's no upstream patch.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.