1. Gentoo Linux Security Advisory
| Advisory Reference | GLSA 200711-21 / bochs |
| Release Date | November 17, 2007 |
| Latest Revision | November 17, 2007: 01 |
| Impact | high |
| Exploitable | local |
| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| app-emulation/bochs | < 2.3 | >= 2.3 | All supported architectures |
Related bugreports: #188148
Multiple vulnerabilities have been discovered in Bochs, possibly allowing for the execution of arbitrary code or a Denial of Service.
Bochs is a IA-32 (x86) PC emulator written in C++.
Tavis Ormandy of the Google Security Team discovered a heap-based overflow vulnerability in the NE2000 driver (CVE-2007-2893). He also discovered a divide-by-zero error in the emulated floppy disk controller (CVE-2007-2894).
A local attacker in the guest operating system could exploit these issues to execute code outside of the virtual machine, or cause Bochs to crash.
There is no known workaround at this time.
All Bochs users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/bochs-2.3" |