CVE-2017-5956
MEDIUMVirglrenderer < 0.5.0 - Out-of-Bounds Read
Title source: ruleDescription
The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
References (5)
Scores
CVSS v3
5.5
EPSS
0.0008
EPSS Percentile
24.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-125
Status
published
Affected Products (2)
virglrenderer_project/virglrenderer
< 0.5.0
n/a/n/a
Timeline
Published
Mar 20, 2017
Tracked Since
Feb 18, 2026