Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170224100342.GA3592@f195.suse.de>
Date: Fri, 24 Feb 2017 11:03:42 +0100
From: Matthias Gerstner <mgerstner@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB
 access while in vrend_draw_vbo

> Upstream patch:
> ---------------
>   -> https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d

Please note that the fix for this issue opens a memory leak, because it
forgets to free the 've' structure from this line:

  ve = calloc(num_elements, sizeof(struct pipe_vertex_element));

A possible follow-up patch is attached.

I've already informed the reporter of this issue but there seems to be
no upstream fix yet.

Regards

Matthias

-- 
Matthias Gerstner <matthias.gerstner@...e.de>
Dipl.-Wirtsch.-Inf. (FH), Security Engineer
https://www.suse.com/security

SUSE Linux GmbH 
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nuernberg)

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.