Secunia
Login
|
|
CVE Reference: CVE-2010-0306 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-0306 |
|
|
Description: The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch, a related issue to CVE-2010-0298. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA38499 Secunia Advisory: SA38492 REDHAT OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10953 DEBIAN http://www.debian.org/security/2010/dsa-1996 CONFIRM BID 38158 |
|
| Return to the previous page. |
