FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-1366

This CVE name corresponds to:

Entered Topic
2007-05-01 qemu -- several vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-1366 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-1366
Phase Assigned(20070309)

Description

QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.

References

Source Reference
MLIST [Qemu-devel] 20070428 Qemu crashes on AAM 0
MLIST [Qemu-devel] 20070429 Re: Qemu crashes on AAM 0
MISC http://taviso.decsystem.org/virtsec.pdf
DEBIAN DSA-1284
MANDRIVA MDVSA-2008:162
BID 23731
OSVDB 35498
VUPEN ADV-2007-1597
SECUNIA 25073
SECUNIA 25095
SECUNIA 29129
XF qemu-aam-dos(34046)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.