CVE-2007-1320
Published: 2 May 2007
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
Notes
Author | Note |
---|---|
jdstrand | kvm contains qemu (0.9.1 on hardy) |
Priority
Status
Package | Release | Status |
---|---|---|
kvm Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(1:62+dfsg-0ubuntu3)
|
|
intrepid |
Released
(1:62+dfsg-0ubuntu3)
|
|
jaunty |
Released
(1:62+dfsg-0ubuntu3)
|
|
karmic |
Does not exist
|
|
upstream |
Needed
|
|
qemu Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Released
(0.9.0-2ubuntu2)
|
|
hardy |
Not vulnerable
(0.9.0-2ubuntu2)
|
|
intrepid |
Not vulnerable
(0.9.0-2ubuntu2)
|
|
jaunty |
Not vulnerable
(0.9.0-2ubuntu2)
|
|
karmic |
Does not exist
|
|
upstream |
Released
|
|
Patches: vendor: http://www.debian.org/security/2007/dsa-1284 |
||
qemu-kvm Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Not vulnerable
(0.9.0-2ubuntu2)
|
|
upstream |
Needs triage
|
|
xen-3.1 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Released
(3.1.0-0ubuntu18)
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Released
|