Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2007-2894: bochs guest OS local user DoS
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241799
bugzilla(a)redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Product|Fedora Extras |Fedora
------- Additional Comments From j.w.r.degoede(a)hhs.nl 2007-07-18 13:37 EST -------
Since upstream isn't making any progress with regards to this, I've investigated
this a bit further.
This CVS stems from someone doing virtual machine / pc research and the original
report mentions not one but 2 vulnerabilities:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2893
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2894
2893 is a reproducible, most likely exploitable, buffer overflow in the ne2000
driver. For which a fix is in CVS, I will issue a fixed package for this shortly
2894 is a report of a divide by zero error in the floppy, which the researcher
managed to trigger once by feeding random bytes to the emulated floppy
controller. This is not reproducable, and upstream has audited the code and can
not find any divide by zero conditions, so I'm assuming this issue is moot.
--
Configure bugmail:
https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.