VYPR
Unrated severityNVD Advisory· Published Jan 25, 2011· Updated Jun 16, 2026

CVE-2010-4255

CVE-2010-4255

Description

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20
  • Citrix Systems/Xen19 versions
    cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*range: <=4.0.1
    • cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*
  • Xen/Xenllm-fuzzy
    Range: <=4.0.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.