CVE-2010-0306

Name	CVE-2010-0306
Description	The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch, a related issue to CVE-2010-0298.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
References	DSA-1996-1, DSA-2010-1

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
kvm	source	lenny	72+dfsg-5~lenny5	DSA-2010-1
kvm	source	(unstable)	(unfixed)
linux-2.6	source	etch	(not affected)
linux-2.6	source	lenny	2.6.26-21lenny3	DSA-1996-1
linux-2.6	source	(unstable)	2.6.32-8
linux-2.6.24	source	(unstable)	(not affected)

Notes

[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)