Skip to main content

Configuration

CVE-2010-0309

Severity Medium
Score 6.8/10

Summary

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.

  • LOW
  • NETWORK
  • SINGLE
  • NONE
  • NONE
  • COMPLETE

CWE-16 - Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

References

Advisory Timeline

  • Published