CVE search results

1 – 10 of 21 results

Detailed view

Sort by:

CVE-2022-0175

Medium priority

Some fixes available 7 of 8

A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel...

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	Fixed	Fixed	Fixed	Vulnerable	Ignored

CVE-2022-0135

Medium priority

Some fixes available 7 of 8

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a...

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	Fixed	Fixed	Fixed	Vulnerable	Ignored

CVE-2020-8003

Low priority

Not affected

A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an...

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	—	Not affected	Not in release

CVE-2020-8002

Low priority

Ignored

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	Not affected	Not affected	Not in release

CVE-2019-18391

Medium priority

Ignored

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	Not affected	Ignored	Not in release

CVE-2019-18390

Low priority

Ignored

An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	Not affected	Ignored	Not in release

CVE-2019-18389

Medium priority

Ignored

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	Not affected	Ignored	Not in release

CVE-2019-18388

Low priority

Ignored

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	Not affected	Ignored	Not in release

CVE-2017-5956

Medium priority

Ignored

The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	—	Not affected	Not in release

CVE-2016-10214

Low priority

Ignored

Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

1 affected packages

virglrenderer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
virglrenderer	—	—	—	Not affected	Not in release

Export to JSON

Results by page:

Search CVE reports