CVE-2019-18389

Name
CVE-2019-18389
Description
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=9c280a28651507e6ef87b17b90d47b6af3a4ab7d
Patch https://gitlab.freedesktop.org/virgl/virglrenderer/commit/cbc8d8b75be360236cada63784046688aeb6d921
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1765577
Third Party Advisory https://access.redhat.com/security/cve/cve-2019-18389
Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:virglrenderer_project:virglrenderer:*:*:*:*:*:*:*:* virglrenderer >= None <= 0.8.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
virglrenderer 3.11-main 0.8.1-r0 Fernando Casas Schossow <casasfernando@outlook.com> fixed