CVE-2010-0430

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.

CVSS v2.0 7.4 HIGH

7.4^/10

CVSS v2.0 : HIGH

Vector : AV:A/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 4.4 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2010-0271.html	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=568702
https://rhn.redhat.com/errata/RHSA-2010-0476.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2010-0271.html	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=568702
https://rhn.redhat.com/errata/RHSA-2010-0476.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-12-27 01:55

Updated : 2025-04-11 00:51

NVD link : CVE-2010-0430

Mitre link : CVE-2010-0430

CVE.ORG link : CVE-2010-0430

JSON object : View

Products Affected

redhat

enterprise_virtualization_hypervisor

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2010-0430", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.4, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-12-27T01:55:04.957", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2010-0271.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568702", "source": "secalert@redhat.com"}, {"url": "https://rhn.redhat.com/errata/RHSA-2010-0476.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2010-0271.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=568702", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://rhn.redhat.com/errata/RHSA-2010-0476.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings."}, {"lang": "es", "value": "libspice, como es utilizada en QUEMU-KVM en Red Hat Enterprise Virtualization Hypervisor (tambi\u00e9n conocido como RHEV-H o rhev-hypervisor) anteriores a 5.5-2.2 y posiblemente otros productos, permite a usuarios de SO invitados leer o escribir de memoria QEMU arbitraria modificando la direcci\u00f3n que es utilizada por Cairo para mapeados de memoria."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_virtualization_hypervisor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB490059-0C5C-42FD-8A99-61AD032218B3", "versionEndIncluding": "5.4-2.1"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}