Comment 0 for bug 213570

Binary package hint: kvm

kvm uses qemu 0.9.1, and this version of qemu is vulnerable to several CVEs. Several of these were fixed in the Debian DSA:

http://www.debian.org/security/2007/dsa-1284

This DSA fixes CVE-2007-1320, CVE-2007-1321, CVE-2007-1322, CVE-2007-1323.
Please note that CVE-2007-1323 is a duplicate of CVE-2007-2893. Also note that CVE-2007-5729 and CVE-2007-5730 are referred to as CVE-2007-1321 in Debian.

In addition to these fixes, qemu 0.9.1 is also vulnerable to CVE-2008-0928.