CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0428 – libspice: Insufficient guest provided pointers validation
https://notcve.org/view.php?id=CVE-2010-0428
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors. libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) de Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no valida correctamente los punteros a controladores QXL, lo que permite causar, a los usuarios de los sistemas operativos Huesped, una denegación de servicio (uso de puntero no válido y la caída del sistema operativo huésped) o posiblemente ganar privilegios a través de vectores no especificados. • https://bugzilla.redhat.com/show_bug.cgi?id=568699 https://rhn.redhat.com/errata/RHSA-2010-0622.html https://rhn.redhat.com/errata/RHSA-2010-0633.html https://access.redhat.com/security/cve/CVE-2010-0428 • CWE-20: Improper Input Validation •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0429 – libspice: Relying on guest provided data structures to indicate memory allocation
https://notcve.org/view.php?id=CVE-2010-0429
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors. libspice, tal y como se utiliza en QEMU-KVM en el Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y qspice v0.3.0, no restringe adecuadamanete las direcciones sobre las que las acciones de gestion de memoria son llevadas a cabo, lo que permite causar, a los usuarios del sistema operativo Huesped, una denegación de servicio (caida del sistema operativo Huesped) o posiblemente obtener privilegios mediante vectores no especificados. • https://bugzilla.redhat.com/show_bug.cgi?id=568701 https://rhn.redhat.com/errata/RHSA-2010-0622.html https://rhn.redhat.com/errata/RHSA-2010-0633.html https://access.redhat.com/security/cve/CVE-2010-0429 • CWE-264: Permissions, Privileges, and Access Controls •