Bug 1426149 (CVE-2017-6209)

Summary: CVE-2017-6209 Virglrenderer: stack buffer oveflow in parse_identifier
Product: [Other] Security Response Reporter: Prasad Pandit <ppandit>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: airlied, marcandre.lureau
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-21 11:51:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1410411    

Description Prasad Pandit 2017-02-23 10:04:42 UTC 
Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support
for the virtio GPU, is vulnerable to an OOB array access issue. It could occur
when parsing properties in parse_identifier().

A guest user/process could use this flaw to crash the Qemu process instance
resulting DoS.

Upstream patch:
---------------
  -> https://cgit.freedesktop.org/virglrenderer/commit/?id=e534b51ca3c3cd25f3990589932a9ed711c59b27

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/02/23/20
Comment 1 Prasad Pandit 2017-02-23 10:04:53 UTC 
Acknowledgments:

Name: Li Qiang (360.cn Inc.)