Lucene search
RootSSV:19060HistoryFeb 04, 2010 - 12:00 a.m.
Linux Kernel KVM pit_ioport_read()本地拒绝服务漏洞
2010-02-0400:00:00
Root
www.seebug.org
21
0.004 Low
EPSS
Percentile
68.8%
BUGTRAQ ID: 38038
CVE ID: CVE-2010-0309
Linux Kernel是开放源码操作系统Linux所使用的内核。
在guest上执行cat /dev/port命令的时候,host会立即挂起。问题的起因是pit_state->channels[]有三个元素,pit_ioport_read使用了addr作为pit_get_count的索引,因此inb(0x43)可能读写kvm_kpit_state 的其他数据。
Linux kernel 2.6.x
厂商补丁:
Linux
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
ubuntucve
ubuntucve
CVE-2010-0309
2010-02-12 00:00:00
cve
cve
CVE-2010-0309
2010-02-12 19:30:00
prion
prion
Design/Logic Flaw
2010-02-12 19:30:00
cbl_mariner
cbl_mariner
CVE-2010-0309 affecting package kernel 5.15.153.1-2
2022-04-09 06:52:47
CVE-2010-0309 affecting package kernel 5.10.189.1-1
2021-09-09 15:03:26
redhat
redhat
(RHSA-2010:0088) Important: kvm security and bug fix update
2010-02-09 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
nessus
nessus
RHEL 5 : kvm (RHSA-2010:0088)
2013-01-24 00:00:00
Scientific Linux Security Update : kvm on SL5.4 i386/x86_64
2012-08-01 00:00:00
Oracle Linux 5 : kvm (ELSA-2010-0088)
2013-07-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2010-1)
2023-03-08 00:00:00
Oracle: Security Advisory (ELSA-2010-0088)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2010-0271)
2015-10-06 00:00:00
debian
debian
[SECURITY] [DSA-2010-1] New kvm packages fix several vulnerabilities
2010-03-10 18:18:55
securityvulns
securityvulns
kvm multiple security vulnerabilities
2010-03-11 00:00:00
[SECURITY] [DSA-2010-1] New kvm packages fix several vulnerabilities
2010-03-11 00:00:00
centos
centos
kmod, kvm security update
2010-02-09 13:51:39
osv
osv
kvm - several vulnerabilities
2010-03-10 00:00:00
linux-2.6 - several vulnerabilities
2010-02-12 00:00:00
oraclelinux
oraclelinux
kvm security and bug fix update
2010-02-09 00:00:00
kvm security, bug fix and enhancement update
2010-04-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-03-17 00:00:00