PT-2010-2191 · Linux · Kvm
Paolo Bonzini
Published: 2010-03-01 · Updated: 2017-09-19 · CVE-2010-0419
CVSS v2.0: 4.4 (Medium)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
KVM version 83
Description
The issue is in the x86 emulator in KVM and applies when a guest is configured for Symmetric Multiprocessing (SMP). The emulator does not properly restrict writing of segment selectors to segment registers. This could allow guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS. Potential exploitation involves leveraging access to an IO port or MMIO region and replacing an instruction between emulator entry and instruction fetch.
Recommendations
For KVM version 83, consider restricting access to IO ports and MMIO regions to minimize the risk of exploitation. As a temporary workaround, limiting the use of Symmetric Multiprocessing (SMP) in guest configurations may help reduce the vulnerability until a proper fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Affected Products
Kvm
Red Hat