CVE-2017-5994
https://notcve.org/view.php?id=CVE-2017-5994
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter. Desbordamiento de búfer basado en memoria dinámica en la función vrend_create_vertex_elements_state en vrend_renderer.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (acceso al array fuera de límites y caída) a través del parámetro num_elements. • http://www.openwall.com/lists/oss-security/2017/02/15/8 http://www.securityfocus.com/bid/96276 https://bugzilla.redhat.com/show_bug.cgi?id=1422452 https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-5993
https://notcve.org/view.php?id=CVE-2017-5993
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands. Pérdida de memoria en la función vrend_renderer_init_blit_ctx en vrend_blitter.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales de SO invitado provocar una denegación de servicio (consumo de memoria del host) a través de un gran número de comandos VIRGL_CCMD_BLIT. • http://www.openwall.com/lists/oss-security/2017/02/15/7 http://www.securityfocus.com/bid/96275 https://bugzilla.redhat.com/show_bug.cgi?id=1422438 https://cgit.freedesktop.org/virglrenderer/commit/?id=6eb13f7a2dcf391ec9e19b4c2a79e68305f63c22 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-6386
https://notcve.org/view.php?id=CVE-2017-6386
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands. Pérdida de memoria en la función vrend_create_vertex_elements_state en vrend_renderer.c en virglrenderer permite a usuarios locales del SO invitado provocar una denegación de servicio (consumo de memoria del host) a través de un gran número de comandos VIRGL_OBJECT_VERTEX_ELEMENTS. • http://www.openwall.com/lists/oss-security/2017/03/01/7 http://www.securityfocus.com/bid/96506 https://bugzilla.redhat.com/show_bug.cgi?id=1427472 https://cgit.freedesktop.org/virglrenderer/commit/?id=737c3350850ca4dbc5633b3bdb4118176ce59920 https://security.gentoo.org/glsa/201707-06 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-6317
https://notcve.org/view.php?id=CVE-2017-6317
Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via vectors involving the sprog variable. Pérdida de memoria en la función add_shader_program en vrend_renderer.c en virglrenderer en versiones anteriores a 0.6.0 permite a usuarios locales del SO invitado provocar una denegación de servicio (consumo de memoria del host) a través de vectores que implican la variable sprog. • http://www.openwall.com/lists/oss-security/2017/02/24/5 http://www.securityfocus.com/bid/96450 https://bugzilla.redhat.com/show_bug.cgi?id=1426756 https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html https://security.gentoo.org/glsa/201707-06 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-5957
https://notcve.org/view.php?id=CVE-2017-5957
Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (application crash) via the "nr_cbufs" argument. Desbordamiento del búfer basado en pila en la función vrend_decode_set_framebuffer_state en vrend_decode.c en virglrenderer en versiones anteriores a 926b9b3460a48f6454d8bbe9e44313d86a65447f, como se utiliza en Quick Emulator (QEMU), permite a un usuario local invitado provocar una denegación de servicio (caída de la aplicación) a través del argumento "nr_cbufs". • http://www.openwall.com/lists/oss-security/2017/02/13/3 http://www.securityfocus.com/bid/96215 https://bugzilla.redhat.com/show_bug.cgi?id=1421126 https://cgit.freedesktop.org/virglrenderer/commit/?id=926b9b3460a48f6454d8bbe9e44313d86a65447f https://security.gentoo.org/glsa/201707-06 • CWE-787: Out-of-bounds Write •