CVE-2017-5957 - Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in

CVE-2017-5957

Summary

Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (application crash) via the "nr_cbufs" argument.

References

Vulnerable Configurations

cpe:2.3:a:virglrenderer_project:virglrenderer:-:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:-:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:virglrenderer_project:virglrenderer:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 19-05-2021 - 14:56)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	96215
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=1421126 https://cgit.freedesktop.org/virglrenderer/commit/?id=926b9b3460a48f6454d8bbe9e44313d86a65447f
gentoo	GLSA-201707-06
mlist	[oss-security] 20170213 CVE-2017-5957 Virglrenderer: stack overflow in vrend_decode_set_framebuffer_state

Last major update

19-05-2021 - 14:56

Published

14-03-2017 - 14:59

Last modified

19-05-2021 - 14:56