[Secure-testing-commits] r48363 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-01-25 09:58:54 +0000 (Wed, 25 Jan 2017)
New Revision: 48363

Modified:
   data/CVE/list
Log:
Add CVE-2017-5580/virglrenderer

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-25 09:57:45 UTC (rev 48362)
+++ data/CVE/list	2017-01-25 09:58:54 UTC (rev 48363)
@@ -44,6 +44,11 @@
 	- tigervnc <unfixed> (bug #852213)
 	NOTE: https://github.com/TigerVNC/tigervnc/pull/399
 	NOTE: https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba
+CVE-2017-5580 [OOB access while parsing texture instruction]
+	- virglrenderer <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415986
+	NOTE: https://lists.freedesktop.org/archives/virglrenderer-devel/2017-January/000105.html
+	TODO: check
 CVE-2017-5578 [display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing]
 	- qemu <unfixed>
 	- qemu-kvm <removed>