CVE-2017-5937
MEDIUMVirglrenderer < 0.5.0 - NULL Pointer Dereference
Title source: ruleDescription
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
References (4)
Scores
CVSS v3
6.5
EPSS
0.0009
EPSS Percentile
25.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Classification
CWE
CWE-476
Status
published
Affected Products (2)
virglrenderer_project/virglrenderer
< 0.5.0
n/a/n/a
Timeline
Published
Mar 15, 2017
Tracked Since
Feb 18, 2026