CVE-2022-0135

Summary

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.

Affected Software

VendorProductVersion RangeStatus
n/avirglrenderervirglrenderer 0.8.1 and afteraffected

Weaknesses

  • CWE-787: CWE-787

ADP Enrichment

CVE Program Container

Additional References

References