CVE-2010-0431 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0431): QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
CVE-2010-0435 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0435): The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, when the Intel VT-x extension is enabled, allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via vectors related to instruction emulation. CVE-2010-2784 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2784): The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
On a quick look at the referenced links, this seems to be all about kvm-83. If that's true, that version is no longer in the tree.
Yeah this has long been out of the Gentoo tree. Those versions were also never stable.
Thanks for looking into it.
