CVE-2010-0309

Name of the Vulnerable Software and Affected Versions KVM version 83

Description The issue arises from the pit ioport read function in the Programmable Interval Timer (PIT) emulation, specifically in the i8254.c file. This function does not properly utilize the pit state data structure, allowing guest OS users to cause a denial of service. This can be achieved by attempting to read the /dev/port file, potentially leading to a host OS crash or hang.

Recommendations For KVM version 83, consider applying a patch that corrects the pit ioport read function's usage of the pit state data structure to prevent denial of service attacks. As a temporary workaround, restrict access to the /dev/port file to minimize the risk of exploitation.