libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2010-0271.html | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=568702 | |
https://rhn.redhat.com/errata/RHSA-2010-0476.html | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2010-0271.html | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=568702 | |
https://rhn.redhat.com/errata/RHSA-2010-0476.html | Vendor Advisory |
Configurations
History
21 Nov 2024, 01:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://rhn.redhat.com/errata/RHSA-2010-0271.html - Vendor Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=568702 - | |
References | () https://rhn.redhat.com/errata/RHSA-2010-0476.html - Vendor Advisory |
Information
Published : 2013-12-27 01:55
Updated : 2024-11-21 01:12
NVD link : CVE-2010-0430
Mitre link : CVE-2010-0430
CVE.ORG link : CVE-2010-0430
JSON object : View
Products Affected
redhat
- enterprise_virtualization_hypervisor
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer