Unrated severityNVD Advisory· Published May 2, 2007· Updated Apr 23, 2026

CVE-2007-1320

Description

Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow.

Affected products

QEMU/Qemu
cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*
Debian/Debian Linux2 versions
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Fedoraproject/Fedora2 versions
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
Fedoraproject/Fedora Core
cpe:2.3:o:fedoraproject:fedora_core:6:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.htmlnvdMailing ListThird Party Advisory
secunia.com/advisories/25073nvdThird Party Advisory
secunia.com/advisories/25095nvdThird Party Advisory
secunia.com/advisories/27047nvdThird Party Advisory
secunia.com/advisories/27085nvdThird Party Advisory
secunia.com/advisories/27103nvdThird Party Advisory
secunia.com/advisories/27486nvdThird Party Advisory
secunia.com/advisories/29129nvdThird Party Advisory
secunia.com/advisories/30413nvdThird Party Advisory
secunia.com/advisories/33568nvdThird Party Advisory
taviso.decsystem.org/virtsec.pdfnvdTechnical DescriptionThird Party Advisory
www.debian.org/security/2007/dsa-1284nvdThird Party Advisory
www.debian.org/security/2007/dsa-1384nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2007-0323.htmlnvdThird Party Advisory
www.securityfocus.com/bid/23731nvdThird Party AdvisoryVDB Entry
www.vupen.com/english/advisories/2007/1597nvdThird Party Advisory
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315nvdThird Party Advisory
www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.htmlnvdThird Party Advisory
www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.htmlnvdThird Party Advisory
www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.htmlnvdThird Party Advisory
osvdb.org/35494nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000