PublicDate: 2007-05-02 17:19:00 UTC
Candidate: CVE-2007-1320
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320
Description:
 Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.
Ubuntu-Description:
Notes:
 jdstrand> kvm contains qemu (0.9.1 on hardy)
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_qemu:
 vendor: http://www.debian.org/security/2007/dsa-1284
upstream_qemu: released
dapper_qemu: ignored (reached end-of-life)
edgy_qemu: needed (reached end-of-life)
feisty_qemu: needed (reached end-of-life)
gutsy_qemu: released (0.9.0-2ubuntu2)
hardy_qemu: not-affected (0.9.0-2ubuntu2)
intrepid_qemu: not-affected (0.9.0-2ubuntu2)
jaunty_qemu: not-affected (0.9.0-2ubuntu2)
karmic_qemu: DNE
devel_qemu: DNE

upstream_xen-3.1: released
dapper_xen-3.1: DNE
gutsy_xen-3.1: released (3.1.0-0ubuntu18)
hardy_xen-3.1: not-affected
intrepid_xen-3.1: not-affected
jaunty_xen-3.1: DNE
karmic_xen-3.1: DNE
devel_xen-3.1: DNE

Patches_kvm:
upstream_kvm: needed
dapper_kvm: DNE
edgy_kvm: DNE
feisty_kvm: needed (reached end-of-life)
gutsy_kvm: needed (reached end-of-life)
hardy_kvm: released (1:62+dfsg-0ubuntu3)
intrepid_kvm: released (1:62+dfsg-0ubuntu3)
jaunty_kvm: released (1:62+dfsg-0ubuntu3)
karmic_kvm: DNE
devel_kvm: DNE

Patches_qemu-kvm:
upstream_qemu-kvm: needs-triage
dapper_qemu-kvm: DNE
hardy_qemu-kvm: DNE
intrepid_qemu-kvm: DNE
jaunty_qemu-kvm: DNE
karmic_qemu-kvm: not-affected (0.9.0-2ubuntu2)
devel_qemu-kvm: not-affected (0.9.0-2ubuntu2)