oss-sec mailing list archives
Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo
From: Matthias Gerstner <mgerstner () suse de>
Date: Fri, 24 Feb 2017 11:03:42 +0100
Upstream patch: --------------- -> https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d
Please note that the fix for this issue opens a memory leak, because it forgets to free the 've' structure from this line: ve = calloc(num_elements, sizeof(struct pipe_vertex_element)); A possible follow-up patch is attached. I've already informed the reporter of this issue but there seems to be no upstream fix yet. Regards Matthias -- Matthias Gerstner <matthias.gerstner () suse de> Dipl.-Wirtsch.-Inf. (FH), Security Engineer https://www.suse.com/security SUSE Linux GmbH GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nuernberg)
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo P J P (Feb 12)
- Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo Matthias Gerstner (Feb 24)
- Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo Matthias Gerstner (Feb 24)
- Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo Matthias Gerstner (Feb 24)