CVE Vulnerabilities

CVE-2011-2519

NULL Pointer Dereference

Published: Dec 27, 2013 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:A/AC:L/Au:S/C:N/I:N/A:C
RedHat/V2
5.2 MODERATE
AV:A/AC:M/Au:S/C:N/I:N/A:C
RedHat/V3
Ubuntu
MEDIUM

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Xen Xen * 3.3.0 (excluding)
Red Hat Enterprise Linux 5 RedHat kernel-0:2.6.18-274.3.1.el5 *
Red Hat Enterprise Linux 5.6 EUS - Server Only RedHat kernel-0:2.6.18-238.31.1.el5 *
Xen-3.1 Ubuntu hardy *
Xen-3.2 Ubuntu hardy *
Xen-3.3 Ubuntu maverick *
Xen-3.3 Ubuntu natty *

Potential Mitigations

References