Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC

Bug 611380 (CVE-2017-6355)

Summary: <media-libs/virglrenderer-0.6.0: renderer: integer overflow while creating shader object
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: qemu+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1427054
Whiteboard: B3 [glsa cve cleanup]
Package list:
Runtime testing required: ---
Bug Depends on: 611382    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2017-03-02 08:53:07 UTC
From ${URL} :

Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support
for the virtio GPU, is vulnerable to an integer overflow issue. It could occur
when creating a shader object in vrend_create_shader().

A guest user/process could use this flaw to crash the Qemu process resulting
DoS.

Upstream patch:
---------------
  -> https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/02/27/3


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Matthias Maier gentoo-dev 2017-05-03 06:05:56 UTC
commit 07f72dae992b1dd9a13489da0238edd6bd5f6337
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Wed May 3 00:55:44 2017 -0500

    media-libs/virglrenderer: version bump to 0.6.0
    
    This is a hand-packaged version of upstream commit
    
      737c3350850ca4dbc5633b3bdb4118176ce59920
    
    (version 0.6.0 with two additional security patches)
    containing fixes for the following security issues:
    
    CVE-2016-10163, bug #606996
    CVE-2017-5580,  bug #607022
    CVE-2016-10214, bug #608734
    CVE-2017-5957,  bug #609400
    CVE-2017-5956,  bug #609402
    CVE-2017-5993,  bug #609492
    CVE-2017-5994,  bug #609494
    CVE-2017-6210,  bug #610678
    CVE-2017-6209,  bug #610680
    CVE-2017-6386,  bug #611378
    CVE-2017-6355,  bug #611380
    CVE-2017-6317,  bug #611382
    
    Package-Manager: Portage-2.3.5, Repoman-2.3.2
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-07-08 12:38:14 UTC
This issue was resolved and addressed in
 GLSA 201707-06 at https://security.gentoo.org/glsa/201707-06
by GLSA coordinator Thomas Deutschmann (whissi).