CVE-2010-3699
Advisory lineage Upstream: 0 Downstream: 2
Downstream
Modified
Published: 08 Dec 2010, 19:00
Last modified:07 Aug 2024, 03:18
Vulnerability Summary
Overall Risk (default)
low
11/100 CVSS Score
2.7 LOW
v2.0 (nvd)
EPSS Score
0.51% LOW
1% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
08 Dec 2010, 19:00
Published
Vulnerability first disclosed
07 Aug 2024, 03:18
Last Modified
Vulnerability information updated
Description
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap.
CVSS Metrics
- v2.0•LOW•Score: 2.7AV:A/AC:L/Au:S/C:N/I:N/A:P
EPSS Trends
Current EPSS score: 0.51%• Percentile: 67%
Techniques & Countermeasures
- CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- citrix•xen
3.0.2 | 3.0.3 | 3.0.4 | 3.1.3 | 3.1.4 | 3.2.0 | 3.2.1 | 3.2.2 | 3.2.3 | 3.3.0 | 3.3.1 | 3.3.2 | 3.4.0 | 3.4.1 | 3.4.2 | 3.4.3
References (13)
- http://secunia.com/advisories/42789
- http://secunia.com/advisories/43056
- http://www.vupen.com/english/advisories/2011/0024
- http://www.redhat.com/support/errata/RHSA-2011-0004.html
- http://www.securityfocus.com/archive/1/520102/100/0/threaded
- http://secunia.com/advisories/46397
- http://www.securitytracker.com/id?1024786
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html
- http://secunia.com/advisories/42372
- http://www.vmware.com/security/advisories/VMSA-2011-0012.html
- http://xenbits.xensource.com/linux-2.6.18-xen.hg?rev/59f097ef181b
- http://www.securityfocus.com/bid/45039
- http://www.vupen.com/english/advisories/2011/0213