Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-18389

Опубликовано: 23 дек. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.6
CVSS3: 7.8

Описание

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

РелизСтатусПримечание
bionic

ignored

devel

not-affected

0.8.1-6
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

0.8.1-6
focal

not-affected

0.8.1-6
precise/esm

DNE

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 56%
0.00338
Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-18389

CVSS3: 5.5
redhat
больше 6 лет назад

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

nvd логотип

CVE-2019-18389

CVSS3: 7.8
nvd
около 6 лет назад

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

debian логотип

CVE-2019-18389

CVSS3: 7.8
debian
около 6 лет назад

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov ...

github логотип

GHSA-cgwm-cj7v-x3cq

CVSS3: 7.8
github
больше 3 лет назад

A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

fstec логотип

BDU:2023-00915

CVSS3: 7.8
fstec
больше 6 лет назад

Уязвимость функции vrend_renderer_transfer_write_iov компонента vrend_renderer.c виртуального OpenGL рендерера Virglrenderer, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 56%
0.00338
Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3