oss-sec mailing list archives
Re: CVE request virglrenderer: host memory leak issue in virgl_resource_attach_backing
From: <cve-assign () mitre org>
Date: Wed, 8 Feb 2017 23:58:39 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support for the virtio GPU, is vulnerable to memory leakage issue. It could occur when a guest invokes a 'VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING' command. A guest user/process could use this flaw to leak host memory leading to DoS. https://cgit.freedesktop.org/virglrenderer/commit/?id=40b0e7813325b08077b6f541b3989edb2d86d837 https://bugzilla.redhat.com/show_bug.cgi?id=1420266
Use CVE-2016-10214. This is not exactly the same as CVE-2017-5578 (from the http://www.openwall.com/lists/oss-security/2017/01/25/2 post). - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYm/MvAAoJEHb/MwWLVhi2A+gP/0kbCwh8jpQOSzRwlB24UF/2 NgP17KXlmr/hfHEjilX4w+0z0TvJMUpd58otvLFJiu+ZruJtveoY6qcZ65vc4j2W bSRqmSvpwLRRYCVgsgXpCXItyjuxcGtpGUTEDsUeam6N6aOw1UCeBS472C0/j4cO QRqlQWfxJpccUlwGKV4BcvlqE6Dw+NonJq3HXuVdw4M8fJHz4DMEtjKqIT+M8ied n8bYgEl1czHCdkopD5IxbFuOPZRKBVIVvnIFN9+F9bb6IuyQfHr1staZzTa49Nub +J4PjLFSeWDkDxSKKVMvCfkxTQ+WV+uXWxL7X2/KaNfJSS5oxNw4pSvuUj8kSe9f qRQDamEdpSDZD8jW2ziKLjNTe2rRXKOl7i+Uzq0UU4hSteVlsSXSWynN5Hav5oae GJZKQb4mbAmiVZ3uStERpWfR6xCNhgbuh0P7pb4hI91fGyelMNK693a2YbC0F0k8 dnHhVNxrKzwNeMBxvqlfkeK37y1VgawVivdMJY6SbVWo+2C0Wwo1+FiUMug+mnYH uY0GNcgRJ+FfpwG8L8odEAjXD4YsrR7KY9q53kMCQ8ZBt/pTEuIaDPV9lmB87RGU 3iy32pnus/u/bmIM48UUU0OQ1H4uVJatiqssjoGGgtAehFFx9wNjRaMFXZusPU7K o/ARln99V0GyjXav57Y9 =nWDl -----END PGP SIGNATURE-----
Current thread:
- CVE request virglrenderer: host memory leak issue in virgl_resource_attach_backing P J P (Feb 08)
- Re: CVE request virglrenderer: host memory leak issue in virgl_resource_attach_backing cve-assign (Feb 08)