CVE Database


Impact: Important
Public: 2007-04-20
Bugzilla: 237342: CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow


The MITRE CVE dictionary describes this issue as:

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

Find out more about CVE-2007-1320 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux Virtualization version 5 (xen) RHSA-2007:0323 October 02, 2007
Red Hat Enterprise Linux version 5 (xen) RHSA-2007:0323 October 02, 2007

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.