Vulnerabilities > Redhat > KVM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-01-27 | CVE-2011-4622 | Local Denial of Service vulnerability in Redhat KVM 83 The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer. | 4.9 |
2010-08-24 | CVE-2010-2784 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Virtualization and KVM The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors. | 6.6 |
2010-08-24 | CVE-2010-0431 | Improper Input Validation vulnerability in Redhat Enterprise Virtualization and KVM QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors. | 6.6 |