CVE-2007-1366

Name: CVE-2007-1366
Creator: NVD / NIST
Published: 2007-05-02T17:19:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.40%

Last modified Jun 16, 2026

CVE-2007-1366 is a vulnerability of currently unknown severity. QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.. EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.

Metrics

EPSS Probability

0.40%

32.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Qemu	Qemu	0.8.2
Debian	Debian Linux	3.1
Debian	Debian Linux	4.0

References

http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.htmlMailing List, Third Party Advisory
http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.htmlMailing List, Patch, Third Party Advisory
http://osvdb.org/35498Broken Link
http://secunia.com/advisories/25073Third Party Advisory
http://secunia.com/advisories/25095Third Party Advisory
http://secunia.com/advisories/29129Third Party Advisory
http://taviso.decsystem.org/virtsec.pdfTechnical Description, Third Party Advisory
http://www.debian.org/security/2007/dsa-1284Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162Third Party Advisory
http://www.securityfocus.com/bid/23731Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/1597Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34046Third Party Advisory, VDB Entry
http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.htmlMailing List, Third Party Advisory
http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.htmlMailing List, Patch, Third Party Advisory
http://osvdb.org/35498Broken Link
http://secunia.com/advisories/25073Third Party Advisory
http://secunia.com/advisories/25095Third Party Advisory
http://secunia.com/advisories/29129Third Party Advisory
http://taviso.decsystem.org/virtsec.pdfTechnical Description, Third Party Advisory
http://www.debian.org/security/2007/dsa-1284Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162Third Party Advisory
http://www.securityfocus.com/bid/23731Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2007/1597Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34046Third Party Advisory, VDB Entry

Timeline

Published: May 2, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-1366?

QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.

How severe is CVE-2007-1366?

Severity scoring for CVE-2007-1366 is pending analysis. The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2007-1366?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-1366?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST