CVE-2010-0419

2010-03-0500:00:00

ubuntu.com

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

25.9%

JSON

The x86 emulator in KVM 83, when a guest is configured for Symmetric
Multiprocessing (SMP), does not properly restrict writing of segment
selectors to segment registers, which might allow guest OS users to cause a
denial of service (guest OS crash) or gain privileges on the guest OS by
leveraging access to a (1) IO port or (2) MMIO region, and replacing an
instruction in between emulator entry and instruction fetch.

Notes

Author	Note
jdstrand	patch pulled in Lucid since the patch failed. Patch may not actually be needed

OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchlinux< 2.6.28-19.61UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-22.60UNKNOWN
ubuntu9.10noarchlinux-ec2< 2.6.31-307.15UNKNOWN
ubuntu9.10noarchlinux-fsl-imx51< 2.6.31-112.30UNKNOWN
ubuntu10.04noarchlinux-fsl-imx51< 2.6.31-608.14UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	9.04	noarch	linux	< 2.6.28-19.61	UNKNOWN
ubuntu	9.10	noarch	linux	< 2.6.31-22.60	UNKNOWN
ubuntu	9.10	noarch	linux-ec2	< 2.6.31-307.15	UNKNOWN
ubuntu	9.10	noarch	linux-fsl-imx51	< 2.6.31-112.30	UNKNOWN
ubuntu	10.04	noarch	linux-fsl-imx51	< 2.6.31-608.14	UNKNOWN