PT-2010-2200 · Red Hat · Kvm+2

Gleb Napatov

Publicado

2010-08-19

Atualizado

2023-02-13

CVE-2010-0435

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Virtualization (RHEV) version 2.2 KVM version 83

Description The issue allows guest OS users to cause a denial of service, resulting in a host OS crash due to a NULL pointer dereference. This occurs when the Intel VT-x extension is enabled and is related to instruction emulation.

Recommendations For Red Hat Enterprise Virtualization (RHEV) version 2.2, consider disabling the Intel VT-x extension as a temporary workaround to minimize the risk of exploitation. For KVM version 83, restrict the use of instruction emulation to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2010-0435

DSA-2153-1

RHSA-2010:0622

RHSA-2010:0627

RHSA-2010_0627

Produtos afetados

Kvm

Red Hat

Red Hat Enterprise Virtualization

PT-2010-2200 · Red Hat · Kvm+2

CVE-2010-0435

Identificadores relacionados

Produtos afetados

Referências · 11