Date: Fri, 24 Feb 2017 11:03:42 +0100 From: Matthias Gerstner <mgerstner@...e.de> To: oss-security@...ts.openwall.com Subject: Re: CVE-2017-5956 virglrenderer: Virglrenderer: OOB access while in vrend_draw_vbo > Upstream patch: > --------------- > -> https://cgit.freedesktop.org/virglrenderer/commit/?id=a5ac49940c40ae415eac0cf912eac7070b4ba95d Please note that the fix for this issue opens a memory leak, because it forgets to free the 've' structure from this line: ve = calloc(num_elements, sizeof(struct pipe_vertex_element)); A possible follow-up patch is attached. I've already informed the reporter of this issue but there seems to be no upstream fix yet. Regards Matthias -- Matthias Gerstner <matthias.gerstner@...e.de> Dipl.-Wirtsch.-Inf. (FH), Security Engineer https://www.suse.com/security SUSE Linux GmbH GF: Felix Imendörffer, Jane Smithard, Graham Norton HRB 21284 (AG Nuernberg) Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.