Virgil 3d project, used by Quick Emulator(Qemu) to implement 3D GPU support for the virtio GPU, is vulnerable to a memory leakageissue. It could occur while in add_shader_program(). A guest user/process could use this flaw to leak host memory resulting in DoS. Upstream patch: --------------- -> https://cgit.freedesktop.org/virglrenderer/commit/?id=a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/02/24/5
Acknowledgments: Name: Li Qiang (360.cn Inc.)