CVE-2017-5994
Summary
| CVE | CVE-2017-5994 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2017-03-15 14:59:00 UTC |
|---|
| Updated | 2017-07-11 01:33:00 UTC |
|---|
| Description | Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 1422452 – (CVE-2017-5994) CVE-2017-5994 Virglrenderer: out-of-bounds access in vrend_create_vertex_elements_state |
CONFIRM |
bugzilla.redhat.com |
Issue Tracking, Patch, Third Party Advisory |
| oss-security - CVE-2017-5994 Virglrenderer: out-of-bounds access in
vrend_create_vertex_elements_state |
MLIST |
www.openwall.com |
Mailing List, Patch, Third Party Advisory |
| virglrenderer: Multiple vulnerabilities (GLSA 201707-06) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| virglrenderer - VirGL virtual OpenGL renderer (mirrored from https://gitlab.freedesktop.org/virgl/virglrenderer) |
CONFIRM |
cgit.freedesktop.org |
Patch |
| [virglrenderer-devel] [ANNOUNCE] virglrenderer 0.6.0 |
MLIST |
lists.freedesktop.org |
Patch |
| Virglrenderer CVE-2017-5994 Denial of Service Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710490 Gentoo Linux virglrenderer Multiple Vulnerabilities (GLSA 201707-06)
