CVE-2007-1320

CWE-787 — Out-of-bounds Write CWE-20 — Improper Input Validation CWE-119 — Buffer Overflow16 documents7 sources

Severity

7.2HIGH

EPSS

0.1%

top 83.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Debian Linux Fedoraproject Fedora Fedoraproject Fedora Core +2 more

Timeline

PublishedMay 2

Latest updateMay 1

Description

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

▶Debianqemu< 0.9.0-2+3

▶NVDqemu/qemu0.8.2

▶NVDopensuse/opensuse11.0, 11.1+1

▶NVDfedoraproject/fedora_core6

Also affects: Debian Linux 3.1, 4.0, Fedora 8, 9

🔴Vulnerability Details

GHSA

GHSA-g9wg-j7vq-xx6p: Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0↗2022-05-01

▶

OSV

CVE-2007-1320: Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0↗2007-05-02

▶

CVEList

CVE-2007-1320: Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0↗2007-05-02

▶

📋Vendor Advisories

Red Hat

qemu: cirrus: insufficient blit region checks↗2014-12-04

▶

Red Hat

kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320↗2008-10-29

▶

Red Hat

xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow↗2007-04-20

▶

Debian

CVE-2007-1320: qemu - Multiple heap-based buffer overflows in the cirrus_invalidate_region function in...↗2007

▶

💬Community

Bugzilla

CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow↗2008-11-11

▶

Bugzilla

CVE-2008-4539 kvm/qemu/xen: Incomplete upstream fix for CVE-2007-1320↗2008-10-14

▶

Bugzilla

CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 8]↗2008-05-27

▶

Bugzilla

CVE-2007-1320 xen/qemu Cirrus LGD-54XX "bitblt" Heap Overflow [Fedora 9]↗2008-05-27

▶

Bugzilla

CVE-2007-13{20-23}, CVE-2007-1366: qemu multiple vulnerabilities↗2007-09-26

▶