Описание
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Отчет
This flaw does not affect Red Hat Enterprise Linux as virglrenderer is not shipped in RHEL. Support for VirGL was enabled as a Technology Preview in Red Hat Enterprise Linux Advanced Virtualization 8.2 and later disabled in Red Hat Enterprise Linux Advanced Virtualization 8.3. For more information on the Technology Preview support scope, please refer to https://access.redhat.com/support/offerings/techpreview.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/virglrenderer | Affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
An out-of-bounds write issue was found in the VirGL virtual OpenGL ren ...
7.5 High
CVSS3