From the Red Hat advisory:
* A missing sanity check was found in vbd_create() in the Xen hypervisor
implementation. As CD-ROM drives are not supported by the blkback back-end
driver, attempting to use a virtual CD-ROM drive with blkback could trigger
a denial of service (crash) on the host system running the Xen hypervisor.
(CVE-2010-4238, Moderate)
* A flaw was found in the Linux kernel execve() system call implementation.
A local, unprivileged user could cause large amounts of memory to be
allocated but not visible to the OOM (Out of Memory) killer, triggering a
denial of service. (CVE-2010-4243, Moderate)
* A flaw was found in fixup_page_fault() in the Xen hypervisor
implementation. If a 64-bit para-virtualized guest accessed a certain area
of memory, it could cause a denial of service on the host system running
the Xen hypervisor. (CVE-2010-4255, Moderate)
* A missing initialization flaw was found in the bfa driver used by Brocade
Fibre Channel Host Bus Adapters. A local, unprivileged user could use this
flaw to cause a denial of service by reading a file in the
"/sys/class/fc_host/host#/statistics/" directory. (CVE-2010-4343, Moderate)
| 