CVE-2010-0419 — Qumranet KVM vulnerability

CWE-2646 documents5 sources

Severity

4.4MEDIUMNVD

EPSS

0.1%

top 77.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

KVM Qumranet KVM

Timeline

PublishedMar 5

Latest updateMay 2

Description

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages1 packages

▶NVDkvm_qumranet/kvm83

🔴Vulnerability Details

GHSA

GHSA-7c97-97wj-vp33: The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to↗2022-05-02

▶

📋Vendor Advisories

Ubuntu

Linux kernel regression↗2010-06-04

▶

Ubuntu

Linux kernel vulnerabilities↗2010-06-03

▶

Red Hat

kvm: emulator privilege escalation segment selector check↗2010-03-01

▶

💬Community

Bugzilla

CVE-2010-0419 kvm: emulator privilege escalation segment selector check↗2010-02-10

▶