Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Virtualization
Subscriptions
Total
48 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-0306 | 2 Kvm Qumranet, Redhat | 3 Kvm, Enterprise Linux, Rhel Virtualization | 2024-11-21 | N/A |
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch, a related issue to CVE-2010-0298. | ||||
CVE-2010-0298 | 3 Debian, Linux, Redhat | 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | N/A |
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306. | ||||
CVE-2010-0297 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Rhel Virtualization | 2024-11-21 | N/A |
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet. | ||||
CVE-2009-4031 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Virtualization | 2024-11-21 | N/A |
The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. | ||||
CVE-2009-3722 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Virtualization | 2024-11-21 | N/A |
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. | ||||
CVE-2009-3290 | 2 Linux, Redhat | 2 Linux Kernel, Rhel Virtualization | 2024-11-21 | N/A |
The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses." | ||||
CVE-2009-0036 | 2 Libvirt, Redhat | 2 Libvirt, Rhel Virtualization | 2024-11-21 | N/A |
Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. | ||||
CVE-2008-5086 | 2 Libvirt, Redhat | 2 Libvirt, Rhel Virtualization | 2024-11-21 | N/A |
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions. |