CVE-2022-0135
https://notcve.org/view.php?id=CVE-2022-0135
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. Se ha encontrado un problema de escritura fuera de límites en el renderizador virtual OpenGL de VirGL (virglrenderer). Este defecto permite a un invitado malicioso crear un recurso virgil especialmente diseñado y luego emitir un ioctl VIRTGPU_EXECBUFFER, conllevando a una denegación de servicio o a una posible ejecución de código. • https://bugzilla.redhat.com/show_bug.cgi?id=2037790 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html https://security.gentoo.org/glsa/202210-05 • CWE-787: Out-of-bounds Write •
CVE-2020-8003
https://notcve.org/view.php?id=CVE-2020-8003
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free. Una vulnerabilidad de doble liberación en el archivo vrend_renderer.c en virglrenderer versiones hasta 0.8.1, permite a atacantes causar una denegación de servicio al desencadenar un fallo de asignación de textura, porque vrend_renderer_resource_allocated_texture no es un lugar apropiado para una liberación. • https://gitlab.freedesktop.org/virgl/virglrenderer/commit/f9b079ccc319c98499111f66bd654fc9b56cf15f?merge_request_iid=340 https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340 https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=3320973c9f2068f60cf6613c2811a8824781878a https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=f9b079ccc319c98499111f66bd654fc9b56cf15f https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html • CWE-415: Double Free •
CVE-2020-8002
https://notcve.org/view.php?id=CVE-2020-8002
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS). Una desreferencia del puntero NULL en el archivo vrend_renderer.c en virglrenderer versiones hasta 0.8.1, permite a atacantes causar una denegación de servicio por medio de comandos que intentan iniciar una cuadricula sin proveer previamente un Compute Shader (CS). • https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340 https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=572a36879701598fa727f50313508be99865b58f https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=725e12beba4a41934f0ab62d399b5d4de2d13190 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html • CWE-476: NULL Pointer Dereference •
CVE-2019-18388
https://notcve.org/view.php?id=CVE-2019-18388
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. Una desreferencia del puntero NULL en el archivo vrend_renderer.c en virglrenderer versiones hasta 0.8.0, permite a usuarios invitados del sistema operativo causar una denegación de servicio por medio de comandos malformados. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html https://access.redhat.com/security/cve/cve-2019-18388 https://bugzilla.redhat.com/show_bug.cgi?id=1765578 https://gitlab.freedesktop.org/virgl/virglrenderer/commit/0d9a2c88dc3a70023541b3260b9f00c982abda16 https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#diff-content-3cd772559e0d73afa136d6818023cfd0c4c8ecc0 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html • CWE-476: NULL Pointer Dereference •
CVE-2019-18391
https://notcve.org/view.php?id=CVE-2019-18391
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. Un desbordamiento de búfer en la región heap de la memoria en la función vrend_renderer_transfer_write_iov en el archivo vrend_renderer.c en virglrenderer versiones hasta 0.8.0, permite a usuarios invitados del sistema operativo causar una denegación de servicio por medio de los comandos VIRGL_CCMD_RESOURCE_INLINE_WRITE. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html https://access.redhat.com/security/cve/cve-2019-18391 https://bugzilla.redhat.com/show_bug.cgi?id=1765589 https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971 https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=8c9cfb4e425542e96f0717189fe4658555baaf08 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html • CWE-787: Out-of-bounds Write •