CVE-2007-5729
Published: 30 October 2007
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.
Notes
Author | Note |
---|---|
jdstrand | kvm includes qemu (0.9.1 on hardy); kvm does not use ne2000 by default; Debian used CVE-2007-1321 for this issue |
Priority
Status
Package | Release | Status |
---|---|---|
kvm | dapper | Does not exist |
kvm | edgy | Does not exist |
kvm | feisty | Ignored (end of life, was needed) |
kvm | gutsy | Ignored (end of life, was needed) |
kvm | hardy | Released (1:62+dfsg-0ubuntu3) |
kvm | intrepid | Released (1:62+dfsg-0ubuntu3) |
kvm | jaunty | Released (1:62+dfsg-0ubuntu3) |
kvm | karmic | Does not exist |
kvm | upstream | Needs triage |
qemu | dapper | Ignored (end of life) |
qemu | edgy | Ignored (end of life, was needed) |
qemu | feisty | Ignored (end of life, was needed) |
qemu | gutsy | Released (0.9.0-2) |
qemu | hardy | Released (0.9.0-2) |
qemu | intrepid | Released (0.9.0-2) |
qemu | jaunty | Released (0.9.0-2) |
qemu | karmic | Does not exist |
qemu | upstream | Needs triage |
qemu-kvm | dapper | Does not exist |
qemu-kvm | hardy | Does not exist |
qemu-kvm | intrepid | Does not exist |
qemu-kvm | jaunty | Does not exist |
qemu-kvm | karmic | Released (0.9.0-2) |
qemu-kvm | upstream | Needs triage |

Patches (qemu): vendor: http://www.debian.org/security/2007/dsa-1284