Nicolae Mogoreanu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable to malicious guest systems to crash the host system or escalate their privileges. The old stable distribution (lenny) does not contain the xen-qemu-dm-4.0 package. For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-2+squeeze1. The testing distribution (wheezy) and the unstable distribution (sid) will be fixed soon.
Nicolae Mogoreanu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable to malicious guest systems to crash the host system or escalate their privileges.
The old stable distribution (lenny) does not contain the xen-qemu-dm-4.0 package.
For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-2+squeeze1.
The testing distribution (wheezy) and the unstable distribution (sid) will be fixed soon.