CVE-2010-0430

CWE-119 — Buffer Overflow7 documents7 sources

Severity

7.4HIGH

EPSS

0.2%

top 54.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Virtualization Hypervisor

Timeline

PublishedDec 27

Latest updateMay 2

Description

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.

CVSS vector

AV:A/AC:M/C:C/I:C/A:CExploitability: 4.4 | Impact: 10.0

Affected Packages1 packages

▶NVDredhat/enterprise_virtualization_hypervisor5.4-2.1

🔴Vulnerability Details

GHSA

GHSA-5g9q-h772-m2pq: libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5↗2022-05-02

▶

CVEList

CVE-2010-0430: libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5↗2013-12-27

▶

💥Exploits & PoCs

Exploit-DB

AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)↗2010-09-20

▶

📋Vendor Advisories

Red Hat

libspice: Insufficient guest provided memory mappings boundaries validations↗2010-03-30

▶

Debian

CVE-2010-0430: spice - libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (a...↗2010

▶

💬Community

Bugzilla

CVE-2010-0430 libspice: Insufficient guest provided memory mappings boundaries validations↗2010-02-26

▶