New Search

The x86 emulator in KVM 83 when a guest is configured for Symmetric Multiprocessing (SMP) does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region and replacing an instruction in between emulator entry and instruction fetch a related issue to CVE-2010-0298.

oval:org.mitre.oval:def:10953

The x86 emulator in KVM 83 when a guest is configured for Symmetric Multiprocessing (SMP) does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region and replacing an instruction in between emulator entry and instruction fetch a related issue to CVE-2010-0298.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2010-0306
Product(s):