CVE-2010-0430

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.

Published: Dec 27, 2013
Updated: Apr 13, 2023
CVE: CVE-2010-0430
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.4
AV:A/AC:M/Au:S/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
redhat / enterprise_virtualization_hypervisor	-	5.4-2.1.x

http://rhn.redhat.com/errata/RHSA-2010-0271.html
https://bugzilla.redhat.com/show_bug.cgi?id=568702
https://rhn.redhat.com/errata/RHSA-2010-0476.html

Vulnerability Database

289,784

CVE-2010-0430