ID CVE-2010-0435
Summary The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation. Per: http://cwe.mitre.org/data/definitions/476.html 'NULL Pointer Dereference'
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 19-01-2011 - 06:54)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:S/C:N/I:N/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2010:0622
  • rhsa
    id RHSA-2010:0627
rpms
  • kmod-kvm-0:83-164.el5_5.21
  • kvm-0:83-164.el5_5.21
  • kvm-qemu-img-0:83-164.el5_5.21
  • kvm-tools-0:83-164.el5_5.21
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=570528
secunia 42778
suse SUSE-SA:2011:001
vupen ADV-2011-0012
Last major update 19-01-2011 - 06:54
Published 24-08-2010 - 18:00
Back to Top