CVE-2007-5729

2007-10-3000:00:00

ubuntu.com

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON

The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary
code by writing Ethernet frames with a size larger than the MTU to the
EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp
library, aka NE2000 “mtu” heap overflow. NOTE: some sources have used
CVE-2007-1321 to refer to this issue as part of “NE2000 network driver and
the socket code,” but this is the correct identifier for the mtu overflow
vulnerability.

Notes

Author	Note
jdstrand	kvm includes qemu (0.9.1 on hardy) kvm does not use ne2000 by default Debian used CVE-2007-1321 for this issue

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchkvm< 1:62+dfsg-0ubuntu3UNKNOWN
ubuntu8.10noarchkvm< 1:62+dfsg-0ubuntu3UNKNOWN
ubuntu9.04noarchkvm< 1:62+dfsg-0ubuntu3UNKNOWN
ubuntu7.10noarchqemu< 0.9.0-2UNKNOWN
ubuntu8.04noarchqemu< 0.9.0-2UNKNOWN
ubuntu8.10noarchqemu< 0.9.0-2UNKNOWN
ubuntu9.04noarchqemu< 0.9.0-2UNKNOWN
ubuntu9.10noarchqemu-kvm< 0.9.0-2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	kvm	< 1:62+dfsg-0ubuntu3	UNKNOWN
ubuntu	8.10	noarch	kvm	< 1:62+dfsg-0ubuntu3	UNKNOWN
ubuntu	9.04	noarch	kvm	< 1:62+dfsg-0ubuntu3	UNKNOWN
ubuntu	7.10	noarch	qemu	< 0.9.0-2	UNKNOWN
ubuntu	8.04	noarch	qemu	< 0.9.0-2	UNKNOWN
ubuntu	8.10	noarch	qemu	< 0.9.0-2	UNKNOWN
ubuntu	9.04	noarch	qemu	< 0.9.0-2	UNKNOWN
ubuntu	9.10	noarch	qemu-kvm	< 0.9.0-2	UNKNOWN