{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-0135", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-02T23:18:41.602Z", "dateReserved": "2022-01-06T00:00:00", "datePublished": "2022-08-25T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2022-12-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution."}], "affected": [{"vendor": "n/a", "product": "virglrenderer", "versions": [{"version": "virglrenderer 0.8.1 and after", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037790"}, {"name": "GLSA-202210-05", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202210-05"}, {"name": "[debian-lts-announce] 20221207 [SECURITY] [DLA 3232-1] virglrenderer security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-787", "cweId": "CWE-787"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.602Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037790", "tags": ["x_transferred"]}, {"name": "GLSA-202210-05", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202210-05"}, {"name": "[debian-lts-announce] 20221207 [SECURITY] [DLA 3232-1] virglrenderer security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:virglrenderer_project:virglrenderer:*:*:*:*:*:*:*:*", "matchCriteriaId": "277A94A0-43F1-4AD6-A031-C34046E85E01", "versionEndExcluding": "0.10.0", "versionStartIncluding": "0.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*", "matchCriteriaId": "3AA08768-75AF-4791-B229-AE938C780959", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution."}, {"lang": "es", "value": "Se ha encontrado un problema de escritura fuera de l\u00edmites en el renderizador virtual OpenGL de VirGL (virglrenderer). Este defecto permite a un invitado malicioso crear un recurso virgil especialmente dise\u00f1ado y luego emitir un ioctl VIRTGPU_EXECBUFFER, conllevando a una denegaci\u00f3n de servicio o a una posible ejecuci\u00f3n de c\u00f3digo."}], "id": "CVE-2022-0135", "lastModified": "2023-02-03T19:05:32.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-25T18:15:09.623", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037790"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202210-05"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Jun Yao for reporting this issue.", "bugzilla": {"description": "virglrenderer: out-of-bounds write in read_transfer_data()", "id": "2037790", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037790"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.", "An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-0135", "package_state": [{"cpe": "cpe:/a:redhat:advanced_virtualization:8::el8", "fix_state": "Affected", "package_name": "virt:8.2/virglrenderer", "product_name": "Red Hat Enterprise Linux 8 Advanced Virtualization"}], "public_date": "2021-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-0135\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-0135"], "statement": "This flaw does not affect Red Hat Enterprise Linux as `virglrenderer` is not shipped in RHEL. Support for VirGL was enabled as a Technology Preview in Red Hat Enterprise Linux Advanced Virtualization 8.2 and later disabled in Red Hat Enterprise Linux Advanced Virtualization 8.3. For more information on the Technology Preview support scope, please refer to https://access.redhat.com/support/offerings/techpreview.", "threat_severity": "Moderate"}