Bug 201434 (CVE-2007-6227) - <app-emulation/qemu-0.9.1: TranslationBlock (code_gen_buffer) buffer overwrite (CVE-2007-6227)
Status: RESOLVED FIXED
Alias: CVE-2007-6227
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://www.nabble.com/-security-bug-c...
Whiteboard: B3 [glsa]
Reported: 2007-12-05 23:17 UTC by Robert Buchholz (RETIRED)
Modified: 2014-09-02 09:26 UTC
Description Robert Buchholz (RETIRED) gentoo-dev 2007-12-05 23:17:59 UTC
CVE-2007-6227 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6227):
  QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to
  overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have
  unspecified other impacts related to an "overflow," via certain Windows
  executable programs, as demonstrated by qemu-dos.com.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-12-05 23:22:46 UTC
Resolution for this issue is still in discussion upstream.

cc'ing maintainer.
Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-05-11 13:49:29 UTC
Any news here? 0.9.1 doesn't mention the fix in the changelog, otoh the last reply in the thread in $URL seems to contain a patch... maintainer, please advise.
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-03-17 12:23:37 UTC
(In reply to comment #2)
> Any news here? 0.9.1 doesn't mention the fix in the changelog, otoh the last
> reply in the thread in $URL seems to contain a patch... maintainer, please
> advise.
*ping*
Comment 4 Luca Barbato gentoo-dev 2009-03-17 18:39:19 UTC
0.10 in portage already
Comment 5 Stefan Behte (RETIRED) gentoo-dev Security 2010-10-07 22:16:30 UTC
Yes, but did it fix this?
Comment 6 Doug Goldstein gentoo-dev 2012-10-30 21:15:57 UTC
According to upstream's commit, 0.9.1 fixed this. That was 7 MAJOR versions ago so I have no idea when it was fixed in the tree.
Comment 7 Doug Goldstein gentoo-dev 2013-02-10 21:52:00 UTC
6 years old and fixed in the tree 4 years ago. Can we get this wrapped up?
Comment 8 Kristian Fiskerstrand gentoo-dev Security 2014-09-02 09:26:16 UTC
This issue was resolved and addressed in GLSA 201408-17 at http://security.gentoo.org/glsa/glsa-201408-17.xml by GLSA coordinator Kristian Fiskerstrand (K_F).