CVE-2007-1366 - Vulnerability Details - OpenCVE

QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Qemu	Qemu

Configuration 1 [-]

cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:3.1:::::::*
	cpe:2.3:o:debian:debian_linux:4.0:::::::*

No data.

References

Link	Providers
http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html
http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html
http://osvdb.org/35498
http://secunia.com/advisories/25073
http://secunia.com/advisories/25095
http://secunia.com/advisories/29129
http://taviso.decsystem.org/virtsec.pdf
http://www.debian.org/security/2007/dsa-1284
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
http://www.securityfocus.com/bid/23731
http://www.vupen.com/english/advisories/2007/1597
https://exchange.xforce.ibmcloud.com/vulnerabilities/34046
https://www.cve.org/CVERecord?id=CVE-2007-1366

History

Wed, 28 May 2025 14:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cve.org/CVERecord?id=CVE-2007-1366

Thu, 22 May 2025 04:30:00 +0000

Type	Values Removed	Values Added
References	https://nvd.nist.gov/vuln/detail/CVE-2007-1366 https://www.cve.org/CVERecord?id=CVE-2007-1366

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-05-02T17:00:00

Updated: 2024-08-07T12:50:35.160Z

Reserved: 2007-03-09T00:00:00

Link: CVE-2007-1366

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-05-02T17:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-1366

Redhat

Severity : Moderate

Publid Date: 2007-04-20T00:00:00Z

Links: CVE-2007-1366 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by \"aam 0x0,\" which triggers a divide-by-zero error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23731", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23731"}, {"name": "DSA-1284", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1284"}, {"name": "25073", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25073"}, {"tags": ["x_refsource_MISC"], "url": "http://taviso.decsystem.org/virtsec.pdf"}, {"name": "[Qemu-devel] 20070428 Qemu crashes on AAM 0", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html"}, {"name": "MDVSA-2008:162", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"}, {"name": "35498", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/35498"}, {"name": "ADV-2007-1597", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1597"}, {"name": "29129", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29129"}, {"name": "25095", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25095"}, {"name": "qemu-aam-dos(34046)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046"}, {"name": "[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1366", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by \"aam 0x0,\" which triggers a divide-by-zero error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23731", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23731"}, {"name": "DSA-1284", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1284"}, {"name": "25073", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25073"}, {"name": "http://taviso.decsystem.org/virtsec.pdf", "refsource": "MISC", "url": "http://taviso.decsystem.org/virtsec.pdf"}, {"name": "[Qemu-devel] 20070428 Qemu crashes on AAM 0", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html"}, {"name": "MDVSA-2008:162", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"}, {"name": "35498", "refsource": "OSVDB", "url": "http://osvdb.org/35498"}, {"name": "ADV-2007-1597", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1597"}, {"name": "29129", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29129"}, {"name": "25095", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25095"}, {"name": "qemu-aam-dos(34046)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046"}, {"name": "[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0", "refsource": "MLIST", "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:50:35.160Z"}, "title": "CVE Program Container", "references": [{"name": "23731", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23731"}, {"name": "DSA-1284", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1284"}, {"name": "25073", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25073"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://taviso.decsystem.org/virtsec.pdf"}, {"name": "[Qemu-devel] 20070428 Qemu crashes on AAM 0", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html"}, {"name": "MDVSA-2008:162", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"}, {"name": "35498", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/35498"}, {"name": "ADV-2007-1597", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1597"}, {"name": "29129", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29129"}, {"name": "25095", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25095"}, {"name": "qemu-aam-dos(34046)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046"}, {"name": "[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1366", "datePublished": "2007-05-02T17:00:00", "dateReserved": "2007-03-09T00:00:00", "dateUpdated": "2024-08-07T12:50:35.160Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "27650033-1C9F-4175-A26F-D9082A36F079", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by \"aam 0x0,\" which triggers a divide-by-zero error."}, {"lang": "es", "value": "QEMU 0.8.2 permite a usuarios locales colgar una m\u00e1quina virtual mediante el operando divisor en la instrucci\u00f3n aam, como se ha demostrado \"aam 0x0\", la cual dispara un error de divisi\u00f3n por cero."}], "id": "CVE-2007-1366", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-05-02T17:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://osvdb.org/35498"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25073"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25095"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29129"}, {"source": "cve@mitre.org", "tags": ["Technical Description", "Third Party Advisory"], "url": "http://taviso.decsystem.org/virtsec.pdf"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1284"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/23731"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1597"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/35498"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25073"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/25095"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29129"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description", "Third Party Advisory"], "url": "http://taviso.decsystem.org/virtsec.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1284"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/23731"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect Xen as shipped with Red Hat Enterprise Linux 5.", "lastModified": "2007-09-24T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}