CVE-2017-5580
Summary
| CVE | CVE-2017-5580 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2017-03-15 15:59:00 UTC |
|---|
| Updated | 2017-07-11 01:33:00 UTC |
|---|
| Description | The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Virglrenderer CVE-2017-5580 Denial of Service Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| virglrenderer: Multiple vulnerabilities (GLSA 201707-06) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| virglrenderer - VirGL virtual OpenGL renderer (mirrored from https://gitlab.freedesktop.org/virgl/virglrenderer) |
CONFIRM |
cgit.freedesktop.org |
Patch, Third Party Advisory |
| [virglrenderer-devel] [ANNOUNCE] virglrenderer 0.6.0 |
MLIST |
lists.freedesktop.org |
Release Notes, Third Party Advisory |
| oss-security - CVE request Virglrenderer: OOB access while parsing texture
instruction |
MLIST |
www.openwall.com |
Mailing List, Patch, Third Party Advisory |
| oss-security - Re: CVE request Virglrenderer: OOB access while parsing texture instruction |
MLIST |
www.openwall.com |
Mailing List, Third Party Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710490 Gentoo Linux virglrenderer Multiple Vulnerabilities (GLSA 201707-06)
