The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vectors that trigger an unspecified instruction emulation.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2010/05/07/1 | mailing list |
| http://www.securityfocus.com/bid/39979 | vdb entry |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11430 | vdb entry signature |
| http://secunia.com/advisories/39649 | third party advisory vendor advisory |
| http://secunia.com/advisories/43315 | third party advisory |
| http://www.redhat.com/support/errata/RHSA-2010-0398.html | patch vendor advisory |
| http://www.vmware.com/security/advisories/VMSA-2011-0003.html | |
| http://support.avaya.com/css/P8/documents/100088287 | |
| http://www.securityfocus.com/archive/1/516397/100/0/threaded | mailing list |
| https://bugzilla.redhat.com/show_bug.cgi?id=572971 |