CVE-2004-2372

Name of the Vulnerable Software and Affected Versions: Bochs versions prior to 2.1.1

Description: A buffer overflow issue exists, allowing local users to execute arbitrary code via a long HOME environment variable. This occurs when the .bochsrc, bochsrc, and bochsrc.txt files cannot be found in a known path, and Bochs is installed setuid.

Recommendations: For versions prior to 2.1.1, update to version 2.1.1 or later to resolve the issue. As a temporary workaround, consider removing the setuid bit from the Bochs installation to minimize the risk of exploitation.