Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 609494 (CVE-2017-5994) - <media-libs/virglrenderer-0.6.0: out-of-bounds access in vrend_create_vertex_elements_state
Summary: <media-libs/virglrenderer-0.6.0: out-of-bounds access in vrend_create_vertex_...
Status: RESOLVED FIXED
Alias: CVE-2017-5994
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [glsa cve]
Keywords:
Depends on: CVE-2017-6317
Blocks:
  Show dependency tree
 
Reported: 2017-02-16 08:51 UTC by Agostino Sarubbo
Modified: 2017-07-08 12:37 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-02-16 08:51:29 UTC
From ${URL} :

Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support
for the virtio GPU, is vulnerable to an OOB array access issue. It could occur
when creating vertex elements array in vrend_create_vertex_elements_state().

A guest user/process could use this flaw to crash the Qemu process instance
resulting DoS.

Upstream patch:
---------------
  -> https://cgit.freedesktop.org/virglrenderer/commit/?id=114688c526fe45f341d75ccd1d85473c3b08f7a7

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/02/15/8


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2017-05-03 06:12:04 UTC
commit 07f72dae992b1dd9a13489da0238edd6bd5f6337
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Wed May 3 00:55:44 2017 -0500

    media-libs/virglrenderer: version bump to 0.6.0
    
    This is a hand-packaged version of upstream commit
    
      737c3350850ca4dbc5633b3bdb4118176ce59920
    
    (version 0.6.0 with two additional security patches)
    containing fixes for the following security issues:
    
    CVE-2016-10163, bug #606996
    CVE-2017-5580,  bug #607022
    CVE-2016-10214, bug #608734
    CVE-2017-5957,  bug #609400
    CVE-2017-5956,  bug #609402
    CVE-2017-5993,  bug #609492
    CVE-2017-5994,  bug #609494
    CVE-2017-6210,  bug #610678
    CVE-2017-6209,  bug #610680
    CVE-2017-6386,  bug #611378
    CVE-2017-6355,  bug #611380
    CVE-2017-6317,  bug #611382
    
    Package-Manager: Portage-2.3.5, Repoman-2.3.2
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-07-08 12:37:41 UTC
This issue was resolved and addressed in
 GLSA 201707-06 at https://security.gentoo.org/glsa/201707-06
by GLSA coordinator Thomas Deutschmann (whissi).