{"id":"AZL-6514","summary":"CVE-2010-0298 affecting package kernel for versions less than 5.10.78.1-1","details":"The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306.","modified":"2026-04-21T04:37:30.929991Z","published":"2010-02-12T19:30:00Z","upstream":["CVE-2010-0298"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0298"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.78.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6514.json"}}],"schema_version":"1.7.5"}