Comment 5 for bug 1950940

Issue 251 is not open upstream, but it looks like this was addressed in https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/2aed5d419722a0d9fbd17be9c7a1147e22b681de along with a couple of other security fixes in https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654 . It does not look like these fixes have landed in a release yet upstream.

Hoever, the other two issues (249, 250) did get CVEs assigned for them, CVE-2022-0175 and CVE-2022-0135 respectively.

Jun Yao, was a CVE ever assigned for this issue?