4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
25.6%
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization
(RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows
guest OS users to cause a denial of service (NULL pointer dereference and
host OS crash) via vectors related to instruction emulation.
Author | Note |
---|---|
kees | guest can crash host |
smb | Looking at the redhat bugzilla it says: "If emulator is tricked into emulating mov to/from DR instruction it causes NULL pointer dereference on VMX since kvm_x86_ops->(set |
kees | but a fix was included for Lucid anyway? |
smb | It was by upstream. Now pulled that change back to Hardy and Karmic. I believe the reference in the backport is pointing to upstream commit 020df0794f5764e742feaa718be88b8f1b4ce04f which was part of 2.6.35-rc1 |
launchpad.net/bugs/cve/CVE-2010-0435
nvd.nist.gov/vuln/detail/CVE-2010-0435
security-tracker.debian.org/tracker/CVE-2010-0435
ubuntu.com/security/notices/USN-1054-1
ubuntu.com/security/notices/USN-1072-1
ubuntu.com/security/notices/USN-1073-1
ubuntu.com/security/notices/USN-1083-1
www.cve.org/CVERecord?id=CVE-2010-0435