Back to search
CVE-2010-0309
Published: Feb 12, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38158
vdb-entry
x_refsource_BID
USN-914-1
vendor-advisory
x_refsource_UBUNTU
ADV-2010-0638
vdb-entry
x_refsource_VUPEN
RHSA-2010:0088
vendor-advisory
x_refsource_REDHAT
38922
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20100202 Re: CVE request - kvm: cat /dev/port in the guest can cause host DoS
mailing-list
x_refsource_MLIST
DSA-1996
vendor-advisory
x_refsource_DEBIAN
oval:org.mitre.oval:def:11095
vdb-entry
signature
x_refsource_OVAL
https://bugzilla.redhat.com/show_bug.cgi?id=560887
x_refsource_CONFIRM
[oss-security] 20100202 CVE request - kvm: cat /dev/port in the guest can cause host DoS
mailing-list
x_refsource_MLIST
[kvm] 20100129 KVM: PIT: control word is write-only
mailing-list
x_refsource_MLIST
RHSA-2010:0095
vendor-advisory
x_refsource_REDHAT
38492
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now