CVE-2019-18391
23.12.2019, 16:15
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| virglrenderer_project | virglrenderer | 𝑥 ≤ 0.8.0 |
| opensuse | leap | 15.1 |
| redhat | enterprise_linux | 8.0 |
| debian | debian_linux | 10.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libvirglrenderer0 |
| ||||||||||||||||||||||||
| libvirglrenderer1 |
| ||||||||||||||||||||||||
| virglrenderer-devel |
|
Common Weakness Enumeration
References