CVE-2017-5993
MEDIUMVirglrenderer < 0.5.0 - Resource Leak
Title source: ruleDescription
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
References (6)
Scores
CVSS v3
6.5
EPSS
0.0007
EPSS Percentile
20.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Classification
CWE
CWE-772
Status
published
Affected Products (2)
virglrenderer_project/virglrenderer
< 0.5.0
n/a/n/a
Timeline
Published
Mar 15, 2017
Tracked Since
Feb 18, 2026