{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-07T00:00:00", "descriptions": [{"lang": "en", "value": "Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-07T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2011:0927", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"name": "[oss-security] 20110707 CVE-2011-1780, CVE-2011-1936, kernel/xen issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/07/07/3"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:46:00.815Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2011:0927", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"name": "[oss-security] 20110707 CVE-2011-1780, CVE-2011-1936, kernel/xen issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/07/07/3"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1936", "datePublished": "2014-01-07T19:00:00", "dateReserved": "2011-05-09T00:00:00", "dateUpdated": "2024-08-06T22:46:00.815Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFA1950D-1D9F-4401-AA86-CF3028EFD286", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors."}, {"lang": "es", "value": "Xen, al usar procesadores Intel x86 y la extensi\u00f3n de virtualizaci\u00f3n VMX activada, no maneja correctamente la emulaci\u00f3n de la instrucci\u00f3n cpuid cuando se sale de la m\u00e1quina virtual, lo cual permtie a usuarios invitados locales causar denegaci\u00f3n de servicio (ca\u00edda del invitado) a trav\u00e9s de vectores no especificados."}], "id": "CVE-2011-1936", "lastModified": "2014-02-25T14:10:57.950", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.2, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-07T19:55:05.953", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/07/07/3"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:0927", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-238.19.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-07-15T00:00:00Z"}], "bugzilla": {"description": "kernel: xen: vmx: insecure cpuid vmexit", "id": "706323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=706323"}, "csaw": false, "cvss": {"cvss_base_score": "4.9", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors."], "name": "CVE-2011-1936", "public_date": "2011-07-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-1936\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1936"], "statement": "The versions of the Linux kernel as shipped with Red Hat Enterprise Linux 4, 6, and Red Hat Enterprise MRG are not affected. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-0927.html.\nAlso, only systems running on x86 architecture with Intel processor and VMX\nvirtualization extension enabled are affected.", "threat_severity": "Moderate"}