CVE-2010-0431

QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.6 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:S/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
redhatenterprise_virtualization
2.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kvm
lucid
dne
karmic
dne
jaunty
not-affected
hardy
not-affected
dapper
dne
qemu-kvm
lucid
not-affected
karmic
not-affected
jaunty
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=568809
https://rhn.redhat.com/errata/RHSA-2010-0622.html
https://rhn.redhat.com/errata/RHSA-2010-0627.html
https://bugzilla.redhat.com/show_bug.cgi?id=568809
https://rhn.redhat.com/errata/RHSA-2010-0622.html
https://rhn.redhat.com/errata/RHSA-2010-0627.html