Back to search
CVE-2010-0298
Published: Feb 12, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38158
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=559091
x_refsource_CONFIRM
oval:org.mitre.oval:def:11335
vdb-entry
signature
x_refsource_OVAL
RHSA-2010:0088
vendor-advisory
x_refsource_REDHAT
DSA-1996
vendor-advisory
x_refsource_DEBIAN
RHSA-2010:0095
vendor-advisory
x_refsource_REDHAT
38492
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now