Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
KVM Number Of NVD 4 CRITICAL 0 HIGH 1 MEDIUM 3 LOW 0
URL https://www.linux-kvm.org/page/Main_Page
Explanation KVM is a fully virtualized solution for Linux on x86 hardware that includes virtualization extensions (Intel VT or AMD-V). It consists of the loadable kernel module kvm.ko, which provides the core virtualization infrastructure, and the processor-specific modules kvm-intel.ko or kvm-amd.ko.
Extracted and translated from [https://www.linux-kvm.org/page/Main_Page].

Since it is built into the kernel, it is easy to use.
Patches and version upgrades are mostly done by administrative commands of the distribution you are using.
Not only CUI, but also GUI is available by using virt-manager.
Tag
  • オープンソース
  • GPL v2
  • GNU LGPL
Add Information URL
No Type Name URL
1 https://kernel.googlesource.com/pub/scm/virt/kvm/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 0 0 0 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 -
4.4 		MEDIUM The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not properly restrict writing of segment selectors to segment registers, which might allow guest OS us… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0419 cpe:2.3:a:kvm_qumranet:kvm:83:* 2017-09-19 10:30
2010-03-6 		Show GitHub Exploit DB Packet Storm
2 -
4.1 		MEDIUM The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execu… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-0306 cpe:2.3:a:kvm_qumranet:kvm:83:* 2017-09-19 10:30
2010-02-13 		Show GitHub Exploit DB Packet Storm
3 -
7.2 		HIGH Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console fo… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-4539 cpe:2.3:a:kvm_qumranet:kvm:*:* 81 2026-04-23 09:35
2008-12-30 		Show GitHub Exploit DB Packet Storm
4 -
5.0 		MEDIUM The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a cer… CWE-399
 Resource Management Errors 		CVE-2008-2382 cpe:2.3:a:kvm_qumranet:kvm:9:*
cpe:2.3:a:kvm_qumranet:kvm:8:*
cpe:2.3:a:kvm_qumranet:kvm:7:*
cpe:2.3:a:kvm_qum… 		79 2026-04-23 09:35
2008-12-25 		Show GitHub Exploit DB Packet Storm