CVE-2017-5580
https://notcve.org/view.php?id=CVE-2017-5580
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction. La función parse_instruction en gallium/auxiliar/tgsi/tgsi_text.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (acceso al array fuera de límites y caída del proceso) a través de una instrucción de textura manipulada. • http://www.openwall.com/lists/oss-security/2017/01/24/5 http://www.openwall.com/lists/oss-security/2017/01/25/5 http://www.securityfocus.com/bid/95782 https://cgit.freedesktop.org/virglrenderer/commit/src/gallium/auxiliary/tgsi/tgsi_text.c?id=28894a30a17a84529be102b21118e55d6c9f23fa https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-10163
https://notcve.org/view.php?id=CVE-2016-10163
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context. Pérdida de memoria en la función vrend_renderer_context_create_internal en vrend_decode.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (consumo de memoria del host) creando repetidamente un contexto de decodificación. • http://www.openwall.com/lists/oss-security/2017/01/24/2 http://www.openwall.com/lists/oss-security/2017/01/25/4 http://www.securityfocus.com/bid/95784 https://cgit.freedesktop.org/virglrenderer/commit/?id=747a293ff6055203e529f083896b823e22523fe7 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-399: Resource Management Errors •
CVE-2017-6209
https://notcve.org/view.php?id=CVE-2017-6209
Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to parsing properties. Desbordamiento de búfer basado en pila en la función parse_identifier en tgsi_text.c en el módulo auxiliar TGSI en el controlador Gallium en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (acceso al array fuera de límites y caída del proceso QEMU) a través de vectores relacionados con propiedades de análisis. • http://www.openwall.com/lists/oss-security/2017/02/23/20 http://www.securityfocus.com/bid/96437 https://bugzilla.redhat.com/show_bug.cgi?id=1426149 https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-6210
https://notcve.org/view.php?id=CVE-2017-6210
The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero). La función vrend_decode_reset en vrend_decode.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (referencia a puntero NULL y caída del proceso QEMU) destruyendo el contexto 0 (cero). • http://www.openwall.com/lists/oss-security/2017/02/23/21 http://www.securityfocus.com/bid/96439 https://bugzilla.redhat.com/show_bug.cgi?id=1426170 https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-476: NULL Pointer Dereference •
CVE-2017-5994
https://notcve.org/view.php?id=CVE-2017-5994
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter. Desbordamiento de búfer basado en memoria dinámica en la función vrend_create_vertex_elements_state en vrend_renderer.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (acceso al array fuera de límites y caída) a través del parámetro num_elements. • http://www.openwall.com/lists/oss-security/2017/02/15/8 http://www.securityfocus.com/bid/96276 https://bugzilla.redhat.com/show_bug.cgi?id=1422452 https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •