CVE-2010-0430
The MITRE CVE dictionary describes this issue as:
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.
Find out more about CVE-2010-0430 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
The CVE-2010-0430 issue was fixed in the kvm packages for Red Hat Enterprise Linux 5 via RHSA-2010:0271, and fixed in the rhev-hypervisor package via RHSA-2010:0476. This CVE was not disclosed at the time the errata were released; therefore, it was not mentioned in them.
CVSS v2 metrics
| Base Score | 6.6 |
|---|---|
| Base Metrics | AV:L/AC:M/Au:S/C:C/I:C/A:C |
| Access Vector | Local |
| Access Complexity | Medium |
| Authentication | Single |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Virtualization Hypervisor 5 (rhev-hypervisor) | RHSA-2010:0476 | 2010-06-22 |
| Red Hat Enterprise Linux Virtualization 5 (kvm) | RHSA-2010:0271 | 2010-03-29 |
CVE description copyright © 2017, The MITRE Corporation