Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virglrenderer vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host,...
Virglrenderer Project Virglrenderer 0.9.1
Virglrenderer Project Virglrenderer 0.9.0
Redhat Enterprise Linux 8.0
6.5
CVSSv3
CVE-2017-5937
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and previous versions allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
Virglrenderer Project Virglrenderer
7.1
CVSSv3
CVE-2017-5580
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
Virglrenderer Project Virglrenderer
5.5
CVSSv3
CVE-2017-5956
The vrend_draw_vbo function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-5993
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
Virglrenderer Project Virglrenderer
5.5
CVSSv3
CVE-2017-5994
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6317
Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via vectors involving the sprog variable.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6209
Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors ...
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6210
The vrend_decode_reset function in vrend_decode.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6386
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
Virglrenderer Project Virglrenderer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »