PublicDate: 2007-10-30 22:46:00 UTC Candidate: CVE-2007-1321 References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1321 Description: Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730. Ubuntu-Description: Notes: jdstrand> kvm contains qemu (0.9.1 on hardy) jdstrand> kvm does not use ne2000 by default Priority: medium Discovered-by: Assigned-to: CVSS: Bugs: Patches_qemu: vendor: http://www.debian.org/security/2007/dsa-1284 upstream_qemu: released dapper_qemu: ignored (reached end-of-life) edgy_qemu: needed (reached end-of-life) feisty_qemu: needed (reached end-of-life) gutsy_qemu: released (0.9.0-2ubuntu2) hardy_qemu: not-affected (0.9.0-2ubuntu2) intrepid_qemu: not-affected (0.9.0-2ubuntu2) jaunty_qemu: not-affected (0.9.0-2ubuntu2) karmic_qemu: DNE devel_qemu: DNE upstream_xen-3.1: released dapper_xen-3.1: DNE gutsy_xen-3.1: released (3.1.0-0ubuntu18) hardy_xen-3.1: not-affected intrepid_xen-3.1: not-affected jaunty_xen-3.1: DNE karmic_xen-3.1: DNE devel_xen-3.1: DNE Patches_kvm: upstream_kvm: needed dapper_kvm: DNE edgy_kvm: DNE feisty_kvm: needed (reached end-of-life) gutsy_kvm: needed (reached end-of-life) hardy_kvm: released (1:62+dfsg-0ubuntu3) intrepid_kvm: released (1:62+dfsg-0ubuntu3) jaunty_kvm: released (1:62+dfsg-0ubuntu3) karmic_kvm: DNE devel_kvm: DNE Patches_qemu-kvm: upstream_qemu-kvm: needs-triage dapper_qemu-kvm: DNE hardy_qemu-kvm: DNE intrepid_qemu-kvm: DNE jaunty_qemu-kvm: DNE karmic_qemu-kvm: not-affected (0.9.0-2ubuntu2) devel_qemu-kvm: not-affected (0.9.0-2ubuntu2)