[Debian] High CVE: CVE-2022-0135: virglrenderer a denial of service or possible code execution
Bug #2021541 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
hqbai |
Bug Description
CVE-2022-0135: https:/
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Base Score: High
References:
https:/
['libvirglrende
CVE References
Changed in starlingx: | |
importance: | Undecided → High |
status: | New → Incomplete |
status: | Incomplete → Triaged |
Changed in starlingx: | |
assignee: | nobody → hqbai (hbai) |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/starlingx /tools/ +/886238
Review: https:/