CVE-2007-1366

Publication date 2 May 2007

Last updated 24 July 2024


Ubuntu priority

QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by “aam 0x0,” which triggers a divide-by-zero error.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
kvm 9.10 karmic Not in release
9.04 jaunty
Fixed 1:62+dfsg-0ubuntu3
8.10 intrepid
Fixed 1:62+dfsg-0ubuntu3
8.04 LTS hardy
Fixed 1:62+dfsg-0ubuntu3
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy Not in release
6.06 LTS dapper Not in release
qemu 9.10 karmic Not in release
9.04 jaunty
Fixed 0.9.0-2
8.10 intrepid
Fixed 0.9.0-2
8.04 LTS hardy
Fixed 0.9.0-2
7.10 gutsy
Fixed 0.9.0-2
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life
qemu-kvm 9.10 karmic
Fixed 0.9.0-2
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

Notes


jdstrand

kvm contains qemu (0.9.1 on hardy)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
qemu