Bug 1265201 (CVE-2015-7178, CVE-2015-7179)

Summary: CVE-2015-7178 CVE-2015-7179 Mozilla: Memory safety errors in libGLES in the ANGLE graphics library (MFSA 2015-113)
Product: [Other] Security Response
Component: vulnerability
Reporter: Prasad Pandit <ppandit>
Assignee: Red Hat Product Security <security-response-team>
CC: security-response-team
Status: CLOSED NOTABUG
Severity: urgent
Priority: urgent
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2015-09-22 11:56:59 UTC
Bug Blocks: 1261782

Description Prasad Pandit 2015-09-22 11:16:53 UTC
Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders, which could result in writing to unowned memory. The second issue also affects shaders when insufficient memory is allocated for a shader attribute array, leading to a buffer overflow. Both of these issues can lead to a potentially exploitable crash.

Note: These issues are specific to Windows and do not affect Linux or OS X systems.

External References:

https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/

Comment 1 Martin Prpič 2015-09-24 12:40:28 UTC
Acknowledgements:

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Ronald Crane as the original reporter.