CVE-2017-6317

MEDIUM

Virglrenderer < 0.5.0 - Resource Leak

Title source: rule

Description

Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via vectors involving the sprog variable.

References (6)

Scores

CVSS v3 6.5
EPSS 0.0005
EPSS Percentile 16.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Classification

CWE
CWE-772
Status published

Affected Products (2)

virglrenderer_project/virglrenderer < 0.5.0
n/a/n/a

Timeline

Published Mar 15, 2017
Tracked Since Feb 18, 2026