The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.

KVM 83中的x86模拟器在确定SPL3代码可用的内存访问时，并未使用当前特权级别(CPL)和I/O特权级别(IOPL)，这使得 guest OS 用户可以通过利用访问(1)IO端口或(2)MMIO区域来利用漏洞CVE-2010-0306，导致服务拒绝( guest OS 崩溃)或在 guest OS 中获取权限。这是一个与CVE-2010-0306相关的漏洞。

NVD 暂无评分

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）