CVE-2010-0430
Red Hat Enterprise Virtualization Hypervisor < 5.4-2.1 - Arbitrary Memory Read/Write via libspice Cairo Memory Mapping
Title source: llmDescription
libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 and possibly other products, allows guest OS users to read from or write to arbitrary QEMU memory by modifying the address that is used by Cairo for memory mappings.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://rhn.redhat.com/errata/RHSA-2010-0476.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=568702
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2010-0271.html
Scores
EPSS
0.0049
EPSS Percentile
38.5%
Details
CWE
CWE-119
Status
published
Products (1)
redhat/enterprise_virtualization_hypervisor
< 5.4-2.1
Published
Dec 27, 2013
Tracked Since
Feb 18, 2026