What is the severity of CVE-2010-0430?

CVE-2010-0430 has a medium severity rating due to its potential to allow unauthorized access to guest OS memory.

How do I fix CVE-2010-0430?

To fix CVE-2010-0430, update to the patched versions of kvm (0:83-164.el5) or rhev-hypervisor (0:5.5-2.2.4.2.el5) as recommended by Red Hat.

What products are affected by CVE-2010-0430?

CVE-2010-0430 affects libspice used in QEMU-KVM within Red Hat Enterprise Virtualization Hypervisor prior to version 5.5-2.2.

Can CVE-2010-0430 be exploited remotely?

Yes, CVE-2010-0430 can be exploited remotely by guest OS users if the vulnerability is present.

What are the potential consequences of CVE-2010-0430 exploitation?

Exploitation of CVE-2010-0430 could allow guest OS users to read or write arbitrary QEMU memory, leading to data exposure or system instability.

Vulnerability/
CVE-2010-0430

high

7.4

CWE

119

26/2/2010

30/3/2010

27/12/2013

7/8/2024

CVE-2010-0430: Buffer Overflow

First published: Fri Feb 26 2010(Updated: )

libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kvm	<0:83-164.el5	0:83-164.el5
redhat/rhev-hypervisor	<0:5.5-2.2.4.2.el5	0:5.5-2.2.4.2.el5
Red Hat Enterprise Virtualization Hypervisor	<=5.4-2.1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2010-0430?
CVE-2010-0430 has a medium severity rating due to its potential to allow unauthorized access to guest OS memory.
How do I fix CVE-2010-0430?
To fix CVE-2010-0430, update to the patched versions of kvm (0:83-164.el5) or rhev-hypervisor (0:5.5-2.2.4.2.el5) as recommended by Red Hat.
What products are affected by CVE-2010-0430?
CVE-2010-0430 affects libspice used in QEMU-KVM within Red Hat Enterprise Virtualization Hypervisor prior to version 5.5-2.2.
Can CVE-2010-0430 be exploited remotely?
Yes, CVE-2010-0430 can be exploited remotely by guest OS users if the vulnerability is present.
What are the potential consequences of CVE-2010-0430 exploitation?
Exploitation of CVE-2010-0430 could allow guest OS users to read or write arbitrary QEMU memory, leading to data exposure or system instability.

agent/type
agent/first-publish-date
agent/softwarecombine
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-0430
agent/references
agent/weakness
agent/author
agent/description
agent/severity
collector/redhat-cve
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
package-manager/redhat
vendor/redhat
canonical/red hat enterprise virtualization hypervisor
version/red hat enterprise virtualization hypervisor/5.4-2.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.