Published: 25/08/2022 Updated: 03/02/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
virglrenderer project virglrenderer
redhat enterprise linux 8.0
debian debian linux 10.0

Debian Bug report logs - #1009073 virglrenderer: CVE-2022-0135: out-of-bounds write in read_transfer_data() Package: src:virglrenderer; Maintainer for src:virglrenderer is Gert Wollny <gewo@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 6 Apr 2022 20:06:01 UTC Severity: grave Tags: sec ...

Several security issues were fixed in virglrenderer ...

CWE-787 https://bugzilla.redhat.com/show_bug.cgi?id=2037790 https://security.gentoo.org/glsa/202210-05 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009073 https://ubuntu.com/security/notices/USN-5309-1 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-0135

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect