Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virglrenderer project virglrenderer vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-0135
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2019-18389
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE ...
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
7.1
CVSSv3
CVE-2019-18390
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
7.1
CVSSv3
CVE-2017-5580
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2016-10214
Memory leak in the virgl_resource_attach_backing function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-5937
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and previous versions allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2016-10163
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-5993
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6210
The vrend_decode_reset function in vrend_decode.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6386
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
Virglrenderer Project Virglrenderer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »