CVE-2010-0298
Publication date 12 February 2010
Last updated 24 July 2024
Ubuntu priority
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.
From the Ubuntu Security Team
It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Processes in the guest OS with access to IO regions could gain further privileges within the guest OS.
Status
Package | Ubuntu Release | Status |
---|---|---|
kvm | ||
linux | ||
linux-ec2 | ||
linux-fsl-imx51 | ||
linux-lts-backport-maverick | ||
linux-mvl-dove | ||
linux-source-2.6.15 | ||
linux-ti-omap4 | ||
Notes
kees
access to IO/MMIO requires elevated privileges, which already allows for guest OS disruption. No working upstream solution yet.
Patch details
Package | Patch details |
---|---|
linux |