Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virglrenderer project virglrenderer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host,...
Virglrenderer Project Virglrenderer 0.9.1
Virglrenderer Project Virglrenderer 0.9.0
Redhat Enterprise Linux 8.0
NA
CVE-2022-0135
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
187
VMScore
CVE-2020-8003
A double-free vulnerability in vrend_renderer.c in virglrenderer up to and including 0.8.1 allows malicious users to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.
Virglrenderer Project Virglrenderer
Debian Debian Linux 10.0
187
VMScore
CVE-2020-8002
A NULL pointer dereference in vrend_renderer.c in virglrenderer up to and including 0.8.1 allows malicious users to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).
Virglrenderer Project Virglrenderer
Debian Debian Linux 10.0
187
VMScore
CVE-2019-18388
A NULL pointer dereference in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service via malformed commands.
Virglrenderer Project Virglrenderer
Opensuse Leap 15.1
Debian Debian Linux 10.0
320
VMScore
CVE-2019-18390
An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
409
VMScore
CVE-2019-18389
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE ...
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
187
VMScore
CVE-2019-18391
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer up to and including 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
Virglrenderer Project Virglrenderer
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Debian Debian Linux 10.0
436
VMScore
CVE-2016-10214
Memory leak in the virgl_resource_attach_backing function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
Virglrenderer Project Virglrenderer
187
VMScore
CVE-2017-5956
The vrend_draw_vbo function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
Virglrenderer Project Virglrenderer
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »