CVE-2007-1366
Published: 2 May 2007
QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.
Notes
| Author | Note |
|---|---|
| jdstrand | kvm contains qemu (0.9.1 on hardy) |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
kvm Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Does not exist
|
|
| feisty |
Ignored
(end of life, was needed)
|
|
| gutsy |
Ignored
(end of life, was needed)
|
|
| hardy |
Released
(1:62+dfsg-0ubuntu3)
|
|
| intrepid |
Released
(1:62+dfsg-0ubuntu3)
|
|
| jaunty |
Released
(1:62+dfsg-0ubuntu3)
|
|
| karmic |
Does not exist
|
|
| upstream |
Needed
|
|
|
qemu Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| edgy |
Ignored
(end of life, was needed)
|
|
| feisty |
Ignored
(end of life, was needed)
|
|
| gutsy |
Released
(0.9.0-2)
|
|
| hardy |
Released
(0.9.0-2)
|
|
| intrepid |
Released
(0.9.0-2)
|
|
| jaunty |
Released
(0.9.0-2)
|
|
| karmic |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
Patches: vendor: http://www.debian.org/security/2007/dsa-1284 |
||
|
qemu-kvm Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| jaunty |
Does not exist
|
|
| karmic |
Released
(0.9.0-2)
|
|
| upstream |
Needs triage
|
|