5603 matches found
CVE-2010-0431
QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or possibly gain privileg...
CVE-2010-0435
The Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via vectors related to instruction emulation...
CVE-2010-2784
The subpage MMIO initialization functionality in the subpageregister function in exec.c in QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS...
Design/Logic Flaw
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...
Design/Logic Flaw
The subpage MMIO initialization functionality in the subpageregister function in exec.c in QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS...
Null pointer dereference
The Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via vectors related to instruction emulation...
CVE-2010-0435
The Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via vectors related to instruction emulation...
CVE-2010-0431
CVE-2010-0431 affects QEMU-KVM (RHEV/kvm) where the host did not fully validate guest QXL driver pointers, enabling a privileged guest? user to crash the host (denial of service) or potentially escalate privileges. Public data show Red Hat/RHEV hypervisor updates (RHSA-2010-0622) and KVM updates ...
CVE-2010-0431
QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or possibly gain privileg...
CVE-2010-0429
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...
CVE-2010-0435
CVE-2010-0435 is a KVM/Hypervisor NULL pointer dereference vulnerability that arises when Intel VT-x is enabled, allowing a privileged guest to crash the host via instruction-emulation vectors. Public advisories (RHBA/RHSA-2010-0622 for RHEL5/RHEV 2.2 and ELSA-2010-0627/ELSA-2010-0627) document h...
CVE-2010-2784
The subpage MMIO initialization functionality in the subpageregister function in exec.c in QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS...
CVE-2010-0428
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or...
CVE-2010-0429
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...
CVE-2010-0435
The Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via vectors related to instruction emulation...
qemu: Insufficient guest provided pointers validation
QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or possibly gain privileg...
libspice: Relying on guest provided data structures to indicate memory allocation
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...
libspice: Insufficient guest provided pointers validation
libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or...
kvm: vmx null pointer dereference
The Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via vectors related to instruction emulation...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
Updated rhev-hypervisor packages that fix multiple security issues and two bugs are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...