Date: Fri, 24 Feb 2017 11:03:42 +0100
From: Matthias Gerstner <mgerstner@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo

> Upstream patch:
> ---------------
>   -> https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d

Please note that the fix for this issue opens a memory leak, because it
forgets to free the 've' structure from this line:

    ve = calloc(num_elements, sizeof(struct pipe_vertex_element));

A possible follow-up patch is attached. I've already informed the reporter
of this issue but there seems to be no upstream fix yet.

Regards

Matthias

--
Matthias Gerstner <matthias.gerstner@...e.de>
Dipl.-Wirtsch.-Inf. (FH), Security Engineer
https://www.suse.com/security
SUSE Linux GmbH
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nuernberg)