EUVD-2020-28916

Malware in sbrugna...

OESA-2022-1570 virglrenderer security update

The virgil3d rendering library is a library used by qemu to implement 3D GPU support for the virtio GPU. Security Fixes: A NULL pointer dereference in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without...

virglrenderer vrend_renderer.c resource management error vulnerability

virglrenderer is a VirGL virtual OpenGL renderer. virglrenderer 0.8.1 and earlier versions have a resource management error vulnerability in the vrendrenderer.c file. The vulnerability stems from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked system or...

CVE-2020-8003

A double-free vulnerability in vrendrenderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrendrendererresourceallocatedtexture is not an appropriate place for a free...

virglrenderer vrend_renderer.c file buffer overflow vulnerability

virglrenderer is a VirGL virtual OpenGL renderer. A buffer overflow vulnerability exists in the 'vrendrenderertransferwriteiov' function in the vrendrenderer.c file in virglrenderer 0.8.0 and earlier. The vulnerability stems from a networked system or product performing operations in memory witho...

UBUNTU-CVE-2019-18388

A NULL pointer dereference in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands...

CVE-2019-18389

CVE-2019-18389 describes a heap-based buffer overflow in the virglrenderer transfer path. Specifically, vrend_renderer_transfer_write_iov in vrend_renderer.c (virglrenderer up to version 0.8.0) can be triggered by VIRGL_CCMD_RESOURCE_INLINE_WRITE, enabling denial of service and potentially guest‑...

CVE-2019-18391

CVE-2019-18391 is a heap-based buffer overflow in virglrenderer’s vrend_renderer_transfer_write_iov (virglrenderer up to 0.8.0) that allows a local attacker (guest OS) to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. Several connected advisories reference this flaw and ...

CVE-2019-18390

An out-of-bounds read in the vrendblitneedswizzle function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGLCCMDBLIT commands...

CVE-2019-18391

A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGLCCMDRESOURCEINLINEWRITE commands...

CVE-2017-5994

Heap-based buffer overflow in the vrendcreatevertexelementsstate function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and crash via the numelements parameter...

Heap overflow

Heap-based buffer overflow in the vrendcreatevertexelementsstate function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and crash via the numelements parameter...

CVE-2017-6317

Memory leak in the addshaderprogram function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service host memory consumption via vectors involving the sprog variable...

Memory corruption

Memory leak in the vrendcreatevertexelementsstate function in vrendrenderer.c in virglrenderer allows local guest OS users to cause a denial of service host memory consumption via a large number of VIRGLOBJECTVERTEXELEMENTS commands...

CVE-2017-5994

Heap-based buffer overflow in the vrendcreatevertexelementsstate function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and crash via the numelements parameter...

CVE-2017-6355

Integer overflow in the vrendcreateshader function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service process crash via crafted pktlength and offlen values, which trigger an out-of-bounds access...

CVE-2017-6355

Integer overflow in the vrendcreateshader function in vrendrenderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service process crash via crafted pktlength and offlen values, which trigger an out-of-bounds access...