CVE-2010-0435 - The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, wh

CVE-2010-0435

Summary

The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.

References

Vulnerable Configurations

cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*
cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 13-02-2023 - 04:16)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:S/C:N/I:N/A:C

redhat via4

advisories

rhsa
id RHSA-2010:0622
rhsa
id RHSA-2010:0627

rpms

rhev-hypervisor-0:5.5-2.2.6.1.el5_5rhev2_2
rhev-hypervisor-pxe-0:5.5-2.2.6.1.el5_5rhev2_2
kmod-kvm-0:83-164.el5_5.21
kvm-0:83-164.el5_5.21
kvm-debuginfo-0:83-164.el5_5.21
kvm-qemu-img-0:83-164.el5_5.21
kvm-tools-0:83-164.el5_5.21

refmap via4

confirm	https://bugzilla.redhat.com/show_bug.cgi?id=570528
secunia	42778
suse	SUSE-SA:2011:001
vupen	ADV-2011-0012

Last major update

13-02-2023 - 04:16

Published

24-08-2010 - 18:00

Last modified

13-02-2023 - 04:16