CVE-2017-6209
Summary
| CVE | CVE-2017-6209 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2017-03-15 14:59:00 UTC |
|---|
| Updated | 2017-07-11 01:33:00 UTC |
|---|
| Description | Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to parsing properties. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 1426149 – (CVE-2017-6209) CVE-2017-6209 Virglrenderer: stack buffer oveflow in parse_identifier |
CONFIRM |
bugzilla.redhat.com |
Issue Tracking, Patch |
| virglrenderer: Multiple vulnerabilities (GLSA 201707-06) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| [virglrenderer-devel] [ANNOUNCE] virglrenderer 0.6.0 |
MLIST |
lists.freedesktop.org |
Patch |
| virglrenderer - VirGL virtual OpenGL renderer (mirrored from https://gitlab.freedesktop.org/virgl/virglrenderer) |
CONFIRM |
cgit.freedesktop.org |
Patch |
| Virglrenderer CVE-2017-6209 Stack Buffer Overflow Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| oss-security - CVE-2017-6209 Virglrenderer: stack buffer oveflow in
parse_identifier |
MLIST |
www.openwall.com |
Mailing List, Patch |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710490 Gentoo Linux virglrenderer Multiple Vulnerabilities (GLSA 201707-06)
