Date: Wed, 26 Jan 2011 06:46:34 +0800 From: Eugene Teo <eugene@...hat.com> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org> Subject: CVE-2010-4238 xen dom0 issue A missing sanity check was found in vbd_create() in the Xen hypervisor implementation. As CD-ROM drives are not supported by the blkback back-end driver, attempting to use a virtual CD-ROM drive with blkback could trigger a denial of service (crash) on the host system running the Xen hypervisor. https://bugzilla.redhat.com/CVE-2010-4238 This affects Red Hat Enterprise Linux 5 only. There's no upstream patch. https://bugzilla.redhat.com/CVE-2010-4238 Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.