CVE-2010-0435MEDIUM
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation.
References
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
http://secunia.com/advisories/42778
http://www.vupen.com/english/advisories/2011/0012
https://bugzilla.redhat.com/show_bug.cgi?id=570528
Details
Source: MITRE
Published: 2010-08-24
Updated: 2011-01-19
Type: NVD-CWE-Other
Risk Information
CVSS v2
Base Score: 4.6
Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 3.1
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:redhat:enterprise_virtualization:2.2:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 79276 | RHEL 5 : rhev-hypervisor (RHSA-2010:0622) | Nessus | Red Hat Local Security Checks | medium |
| 75553 | openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1) | Nessus | SuSE Local Security Checks | high |
| 68085 | Oracle Linux 5 : kvm (ELSA-2010-0627) | Nessus | Oracle Linux Local Security Checks | medium |
| 65101 | Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1083-1) | Nessus | Ubuntu Local Security Checks | critical |
| 63946 | RHEL 5 : kvm (RHSA-2010:0627) | Nessus | Red Hat Local Security Checks | medium |
| 60837 | Scientific Linux Security Update : kvm on SL5.x x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 52476 | Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1) | Nessus | Ubuntu Local Security Checks | high |
| 52475 | Ubuntu 8.04 LTS : linux vulnerabilities (USN-1072-1) | Nessus | Ubuntu Local Security Checks | high |
| 51847 | Ubuntu 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1054-1) | Nessus | Ubuntu Local Security Checks | high |
| 51818 | Debian DSA-2153-1 : linux-2.6 - privilege escalation/denial of service/information leak | Nessus | Debian Local Security Checks | high |
| 48910 | CentOS 5 : kvm (CESA-2010:0627) | Nessus | CentOS Local Security Checks | medium |