CVE-2010-5313
kernel: kvm: reporting emulation failures to userspace
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.
Condición de carrera en arch/x86/kvm/x86.c en el kernel de Linux anterior a 2.6.38 permite a usuarios del sistema operativo L2 invitado causar una denegación de servicio (caída del sistema operativo L1 invitado) a través de una instrucción manipulada que provoca un informe de fallo de emulación en L2, un problema similar a CVE-2014-7842.
It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-29 CVE Reserved
- 2014-11-30 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc3a9157d3148ab91039c75423da8ef97be3e105 | X_refsource_confirm | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | X_refsource_confirm | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | X_refsource_confirm | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/71363 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2014/11/13/7 | 2023-11-07 | |
https://github.com/torvalds/linux/commit/fc3a9157d3148ab91039c75423da8ef97be3e105 | 2023-11-07 |
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html | 2023-11-07 | |
http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.38 | 2023-11-07 | |
http://rhn.redhat.com/errata/RHSA-2016-0855.html | 2023-11-07 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1163762 | 2016-05-10 | |
https://access.redhat.com/security/cve/CVE-2010-5313 | 2016-05-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.37 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.37" | - |
Affected
|