Debian Qemu vulnerabilities

CVE-2007-1320 [HIGH] CVE-2007-1320: qemu - Multiple heap-based buffer overflows in the cirrus_invalidate_region function in... Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow. Scope: local bookworm: resolved (fixed

CVE-2007-5729 [HIGH] CVE-2007-5729: qemu - The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code b... The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the soc

CVE-2007-5730 [HIGH] CVE-2007-5730: qemu - Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other prod... Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identif

CVE-2007-1322 [LOW] CVE-2007-1322: qemu - QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp i... QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction. Scope: local bookworm: resolved (fixed in 0.9.0-2) bullseye: resolved (fixed in 0.9.0-2) forky: resolved (fixed in 0.9.0-2) sid: resolved (fixed in 0.9.0-2) trixie: resolved (fixed in 0.9.0-2)

CVE-2007-1366 [LOW] CVE-2007-1366: qemu - QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand... QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error. Scope: local bookworm: resolved (fixed in 0.9.0-2) bullseye: resolved (fixed in 0.9.0-2) forky: resolved (fixed in 0.9.0-2) sid: resolved (fixed in 0.9.0-2) trixie: resolved (fixed in 0.9.0-2)

CVE-2007-6227 [HIGH] CVE-2007-6227: qemu - QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to over... QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolve