Vulnerabilities > Virglrenderer Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-25 | CVE-2022-0135 | An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). | 7.8 |
| 2019-12-23 | CVE-2019-18390 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. | 7.1 |
| 2019-12-23 | CVE-2019-18389 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. | 7.8 |
| 2017-03-15 | CVE-2017-5580 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Virglrenderer Project Virglrenderer 0.2.0/0.4.0/0.5.0 The parse_instruction function in gallium/auxiliary/tgsi/tgsi_text.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (out-of-bounds array access and process crash) via a crafted texture instruction. | 7.1 |