Skip to main content

Virglrenderer CVE-2017-6210

MEDIUM
NULL Pointer Dereference (CWE-476)
2017-03-15 cve@mitre.org
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 15, 2017 - 14:59 cve.org
MEDIUM 6.5

DescriptionCVE.org

The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).

AnalysisAI

The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero). Affected products include: Virglrenderer Project Virglrenderer. Version information: before 0.6.0.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2022-0135 HIGH
7.8 Aug 25

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). Rated high severity (CVSS 7

CVE-2019-18389 HIGH
7.8 Dec 23

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer thro

CVE-2017-5580 HIGH
7.1 Mar 15

The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS

CVE-2019-18390 HIGH
7.1 Dec 23

An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows

CVE-2017-5937 MEDIUM
6.5 Mar 15

The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier all

CVE-2017-6386 MEDIUM
6.5 Mar 15

Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest O

CVE-2016-10214 MEDIUM
6.5 Mar 20

Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to c

CVE-2017-5993 MEDIUM
6.5 Mar 15

Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local g

CVE-2017-6209 MEDIUM
6.5 Mar 15

Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium

CVE-2016-10163 MEDIUM
6.5 Mar 15

Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allow

CVE-2017-6317 MEDIUM
6.5 Mar 15

Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS u

CVE-2017-6355 MEDIUM
5.5 Mar 10

Integer overflow in the vrend_create_shader function in vrend_renderer.c in virglrenderer before 0.6.0 allows local gues

Share

CVE-2017-6210 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy