Virglrenderer Project Virglrenderer — known CVE vulnerabilities
Every CVE whose affected-product data names Virglrenderer Project Virglrenderer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2022-0135 — CVSS 7.8 (high): An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a…
CVE-2019-18389 — CVSS 7.8 (high): A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows…
CVE-2019-18390 — CVSS 7.1 (high): An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to…
CVE-2017-5580 — CVSS 7.1 (high): The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a…
CVE-2017-6209 — CVSS 6.5 (medium): Stack-based buffer overflow in the parse_identifier function in tgsi_text.c in the TGSI auxiliary module in the Gallium driver in…
CVE-2017-6210 — CVSS 6.5 (medium): The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service…
CVE-2017-6317 — CVSS 6.5 (medium): Memory leak in the add_shader_program function in vrend_renderer.c in virglrenderer before 0.6.0 allows local guest OS users to cause a…
CVE-2017-6386 — CVSS 6.5 (medium): Memory leak in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer allows local guest OS users to cause a…
CVE-2016-10163 — CVSS 6.5 (medium): Memory leak in the vrend_renderer_context_create_internal function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS…
CVE-2016-10214 — CVSS 6.5 (medium): Memory leak in the virgl_resource_attach_backing function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of…
CVE-2017-5937 — CVSS 6.5 (medium): The util_format_is_pure_uint function in vrend_renderer.c in Virgil 3d project (aka virglrenderer) 0.6.0 and earlier allows local guest OS…
CVE-2017-5993 — CVSS 6.5 (medium): Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to…
CVE-2019-18388 — CVSS 5.5 (medium): A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via…
CVE-2017-5994 — CVSS 5.5 (medium): Heap-based buffer overflow in the vrend_create_vertex_elements_state function in vrend_renderer.c in virglrenderer before 0.6.0 allows…
CVE-2017-5957 — CVSS 5.5 (medium): Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before…
CVE-2019-18391 — CVSS 5.5 (medium): A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows…
CVE-2020-8002 — CVSS 5.5 (medium): A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands…
CVE-2020-8003 — CVSS 5.5 (medium): A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering…
CVE-2017-5956 — CVSS 5.5 (medium): The vrend_draw_vbo function in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array…
CVE-2022-0175 — CVSS 5.5 (medium): A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a…