Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support for the virtio GPU, is vulnerable to an integer overflow issue. It could occur when creating a shader object in vrend_create_shader(). A guest user/process could use this flaw to crash the Qemu process resulting DoS. Upstream patch: --------------- -> https://cgit.freedesktop.org/virglrenderer/commit/?id=93761787b29f37fa627dea9082cdfc1a1ec608d6 Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/02/27/3
Acknowledgments: Name: Li Qiang (360.cn Inc.)