Bug 414741 - (CVE-2007-6227) CVE-2007-6227 Non-privileged user can cause the virtual CPU to crash
Product: Security Response
Classification: Other
Component: vulnerability
All Linux
low Severity low
Assigned To: Red Hat Product Security
: Security
Reported: 2007-12-06 15:02 EST by Lubomir Kundrak
Modified: 2007-12-09 14:46 EST
Doc Type: Bug Fix
Last Closed: 2007-12-06 15:26:12 EST

Description Lubomir Kundrak 2007-12-06 15:02:27 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6227 to the following vulnerability:

QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com.


Comment 1 Lubomir Kundrak 2007-12-06 15:19:27 EST
An unprivileged user can issue the code that crashes the virtual machine. The
problem is in the CPU emulation code and thus doesn't affect Xen and KVM as they
only use peripheral device emulation.
Comment 2 Lubomir Kundrak 2007-12-06 15:26:12 EST
Not vulnerable. Xen and KVM, as shipped with Red Hat Enterprise Linux 5, are not
vulnerable to this issue, as they normally use only peripheral device emulation
of QEMU. In case KVM is attempted to be used and not supported by hardware, QEMU
CPU emulation code that is vulnerable to this issue is used, which allows an
unprivileged user to cause a virtual machine crash. Red Hat does not consider
this a security issue as using KVM without hardware support for production
purposes is strongly discouraged.
Comment 3 Ville Skyttä 2007-12-09 14:37:42 EST
What about the standalone QEMU in Fedora?
Comment 4 Lubomir Kundrak 2007-12-09 14:46:16 EST
Ville, standalone QEMU is affected. However, due to the nature of the problem it
is not considered a security issue and is not to be handled differently than any
other bug.
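
Comments 2 and 4 tie exposure to whether QEMU runs guest code through its own CPU emulation or through hardware virtualization. As an added example (not part of the bug report and not Red Hat tooling), this script classifies a Linux host from the `vmx`/`svm` CPU flags and the KVM device node; the function names and the `/proc/cpuinfo` and `/dev/kvm` defaults are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the bug report): report which CPU path QEMU can
# use on this host. Paths are parameters so the logic can be checked offline.

# Print the first hardware-virtualization CPU flag found: "vmx" (Intel VT-x)
# or "svm" (AMD-V). Prints nothing when neither is present.
hw_virt_flag() {
    [ -r "$1" ] || return 0
    awk -F: '/^flags/ {
        n = split($2, f, " ")
        for (i = 1; i <= n; i++)
            if (f[i] == "vmx" || f[i] == "svm") { print f[i]; exit }
    }' "$1"
}

# Classify a host from its cpuinfo file and KVM device node.
#   emulation-only      no vmx/svm flag: QEMU must use its CPU emulation code
#   kvm-device-missing  CPU is capable, but the KVM device node is absent
#   kvm-no-access       device exists, current user cannot open it read/write
#   kvm-usable          hardware-assisted path is available
cpu_path() {
    cpuinfo=${1:-/proc/cpuinfo}
    kvmdev=${2:-/dev/kvm}
    flag=$(hw_virt_flag "$cpuinfo")
    if [ -z "$flag" ]; then
        echo "emulation-only"
    elif [ ! -e "$kvmdev" ]; then
        echo "kvm-device-missing"
    elif [ ! -r "$kvmdev" ] || [ ! -w "$kvmdev" ]; then
        echo "kvm-no-access"
    else
        echo "kvm-usable ($flag)"
    fi
}

# Constructed sample input: a trimmed cpuinfo "flags" line without vmx/svm.
sample=$(mktemp)
printf 'processor\t: 0\nflags\t\t: fpu vme de pse tsc msr pae\n' > "$sample"
echo "sample host: $(cpu_path "$sample" /dev/kvm)"
echo "this host:   $(cpu_path)"
rm -f "$sample"
```

Any result other than `kvm-usable` means a guest started on that host runs on the emulated CPU path the comments describe as affected.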
