{
  "threat_severity" : "Moderate",
  "public_date" : "2011-07-07T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xen: vmx: insecure cpuid vmexit",
    "id" : "706323",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=706323"
  },
  "cvss" : {
    "cvss_base_score" : "4.9",
    "cvss_scoring_vector" : "AV:L/AC:L/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "details" : [ "Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors." ],
  "statement" : "The versions of the Linux kernel as shipped with Red Hat Enterprise Linux 4, 6, and Red Hat Enterprise MRG are not affected. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-0927.html.\nAlso, only systems running on x86 architecture with Intel processor and VMX\nvirtualization extension enabled are affected.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2011-07-15T00:00:00Z",
    "advisory" : "RHSA-2011:0927",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-238.19.1.el5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-1936\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1936" ],
  "name" : "CVE-2011-1936",
  "csaw" : false
}