Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virglrenderer vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host,...
Virglrenderer Project Virglrenderer 0.9.1
Virglrenderer Project Virglrenderer 0.9.0
Redhat Enterprise Linux 8.0
6.5
CVSSv3
CVE-2016-10214
Memory leak in the virgl_resource_attach_backing function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-5993
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_CCMD_BLIT commands.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6210
The vrend_decode_reset function in vrend_decode.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero).
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-5937
The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and previous versions allows local guest OS users to cause a denial of service (NULL pointer dereference) via a crafted VIRGL_CCMD_CLEAR command.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2016-10163
Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) by repeatedly creating a decode context.
Virglrenderer Project Virglrenderer
6.5
CVSSv3
CVE-2017-6386
Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRGL_OBJECT_VERTEX_ELEMENTS commands.
Virglrenderer Project Virglrenderer
7.1
CVSSv3
CVE-2017-5580
The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction.
Virglrenderer Project Virglrenderer
5.5
CVSSv3
CVE-2017-5956
The vrend_draw_vbo function in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors involving vertext_buffer_index.
Virglrenderer Project Virglrenderer
5.5
CVSSv3
CVE-2017-5994
Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer prior to 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and crash) via the num_elements parameter.
Virglrenderer Project Virglrenderer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »