Displaying 3 results from an estimated 3 matches for "cirrus_invalidate_region".
2007 Sep 25
0
Bug#444007: CVE-2007-1320 multiple heap based buffer overflows
Package: xen-3.0
Version: 3.0.3-0-2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.0.
CVE-2007-1320[0]:
| Multiple heap-based buffer overflows in the cirrus_invalidate_region
| function in the Cirrus VGA extension in QEMU 0.8.2 might allow local
| users to execute arbitrary code via unspecified vectors related to
| "attempting to mark non-existent regions as dirty," aka the "bitblt"
| heap overflow.
If you fix this vulnerability please also include...
2017 Apr 20
0
qemu-kvm-ev-2.6.0-28.el7_3.9.1 now available for testing
...luster-Fix-use-after-free-in-glfs_clear_preopened.patch [bz#1413044]
- kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f.patch
[bz#1430061]
- kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch [bz#1430061]
- kvm-cirrus-add-option-to-disable-blitter.patch [bz#1430061]
- kvm-cirrus-fix-cirrus_invalidate_region.patch [bz#1430061]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch
[bz#1430061]
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch
[bz#1430061]
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch
[bz#1430061]
- kvm-file-posix-Consider-max_segments-for-Blo...
2009 Mar 02
0
[PATCH 4 of 13] DisplayState interface change
...am_ptr +
- (s->cirrus_blt_dstaddr & s->cirrus_addr_mask),
- s->vram_ptr +
- (s->cirrus_blt_srcaddr & s->cirrus_addr_mask),
- s->cirrus_blt_dstpitch, s->cirrus_blt_srcpitch,
- s->cirrus_blt_width, s->cirrus_blt_height);
-
- cirrus_invalidate_region(s, s->cirrus_blt_dstaddr,
- s->cirrus_blt_dstpitch, s->cirrus_blt_width,
- s->cirrus_blt_height);
- }
+ cirrus_do_copy(s, s->cirrus_blt_dstaddr - s->start_addr,
+ s->cirrus_blt_srcaddr - s->start_addr,
+ s->cirrus_blt_width, s->cirru...