CVE-2010-0309

2010-02-1200:00:00

ubuntu.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.004 Low

EPSS

Percentile

71.7%

JSON

The pit_ioport_read function in the Programmable Interval Timer (PIT)
emulation in i8254.c in KVM 83 does not properly use the pit_state data
structure, which allows guest OS users to cause a denial of service (host
OS crash or hang) by attempting to read the /dev/port file.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-27.68UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-17.46UNKNOWN
ubuntu9.04noarchlinux< 2.6.28-18.60UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-20.58UNKNOWN
ubuntu9.10noarchlinux-ec2< 2.6.31-305.13UNKNOWN
ubuntu9.10noarchlinux-fsl-imx51< 2.6.31-109.25UNKNOWN
ubuntu9.10noarchlinux-mvl-dove< 2.6.31-212.26UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-27.68	UNKNOWN
ubuntu	8.10	noarch	linux	< 2.6.27-17.46	UNKNOWN
ubuntu	9.04	noarch	linux	< 2.6.28-18.60	UNKNOWN
ubuntu	9.10	noarch	linux	< 2.6.31-20.58	UNKNOWN
ubuntu	9.10	noarch	linux-ec2	< 2.6.31-305.13	UNKNOWN
ubuntu	9.10	noarch	linux-fsl-imx51	< 2.6.31-109.25	UNKNOWN
ubuntu	9.10	noarch	linux-mvl-dove	< 2.6.31-212.26	UNKNOWN