PT-2010-2200 · Red Hat · Kvm
Gleb Napatov
Published 2010-08-19 · Updated 2023-02-13 · CVE-2010-0435
CVSS v2.0: 4.6 (Medium)
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Red Hat Enterprise Virtualization (RHEV) version 2.2
KVM version 83
Description
The issue allows guest OS users to cause a denial of service, resulting in a host OS crash due to a NULL pointer dereference. This occurs when the Intel VT-x extension is enabled and is related to instruction emulation.
Recommendations
For Red Hat Enterprise Virtualization (RHEV) version 2.2, consider disabling the Intel VT-x extension as a temporary workaround to minimize the risk of exploitation.
For KVM version 83, restrict the use of instruction emulation to prevent the denial of service.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Kvm
Red Hat
Red Hat Enterprise Virtualization