Denial of Service Vulnerability in Xen 3.1.2 with Linux Kernel 2.6.18 on RHEL 5

Denial of Service Vulnerability in Xen 3.1.2 with Linux Kernel 2.6.18 on RHEL 5

CVE-2010-4238 · MEDIUM Severity

AV:A/AC:L/AU:S/C:N/I:N/A:C

The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.