6.6
CVE-2010-2784
- EPSS 0.28%
- Veröffentlicht 24.08.2010 18:00:39
- Zuletzt bearbeitet 16.06.2026 23:21:29
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Virtualization Version2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.193 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.6 | 2.7 | 10 |
AV:L/AC:M/Au:S/C:C/I:C/A:C
|
https://rhn.redhat.com/errata/RHSA-2010-0622.html
https://rhn.redhat.com/errata/RHSA-2010-0627.html
http://www.spinics.net/lists/kvm/msg39173.html
https://bugzilla.redhat.com/show_bug.cgi?id=619411