CVE-2010-2784
qemu: insufficient constraints checking in exec.c:subpage_register()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
La funcionalidad de inicialización de subpaginas MMIO en la función subpage_register de exec.c en QEMU-KVM, tal como se utiliza en Hypervisor (alias rhev-hipervisor) en Red Hat Enterprise Virtualization (RHEV) v2.2 y KVM 83, no selecciona adecuadamente el índice para acceder a la matriz de callback, lo que permite causar, a los usuarios del sistema operativo huésped, una denegación de servicio (caida del sistema operativo) o posiblemente obtener privilegios mediante vectores no especificados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-07-22 CVE Reserved
- 2010-08-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.spinics.net/lists/kvm/msg39173.html | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://rhn.redhat.com/errata/RHSA-2010-0622.html | 2010-08-25 | |
https://rhn.redhat.com/errata/RHSA-2010-0627.html | 2010-08-25 |
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=619411 | 2010-08-19 | |
https://access.redhat.com/security/cve/CVE-2010-2784 | 2010-08-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Redhat Search vendor "Redhat" | Enterprise Virtualization Search vendor "Redhat" for product "Enterprise Virtualization" | 2.2 Search vendor "Redhat" for product "Enterprise Virtualization" and version "2.2" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Kvm Search vendor "Redhat" for product "Kvm" | 83 Search vendor "Redhat" for product "Kvm" and version "83" | - |
Affected
|