CVE-2022-0135
N/A
N/A
Summary
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | virglrenderer | virglrenderer 0.8.1 and after | affected |
Weaknesses
- CWE-787: CWE-787
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2037790
- https://security.gentoo.org/glsa/202210-05
- https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2037790
- https://security.gentoo.org/glsa/202210-05
- https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.