Back to bug 2037790

Who	When	What	Removed	Added
Michael Kaplan	2022-01-06 15:24:29 UTC	CC		security-response-team
Michael Kaplan	2022-01-06 15:24:51 UTC	Alias		CVE-2022-0135
		Summary	EMBARGOED virglrenderer: Out of Bounds write in read_transfer_data()	EMBARGOED CVE-2022-0135 virglrenderer: Out of Bounds write in read_transfer_data()
Michael Kaplan	2022-01-06 15:25:15 UTC	Blocks		2037791
Michael Kaplan	2022-01-06 15:26:04 UTC	Blocks		2037795
Mauro Matteo Cascella	2022-01-31 15:06:50 UTC	Group	security, qe_staff
		CC		virt-maint
		Summary	EMBARGOED CVE-2022-0135 virglrenderer: Out of Bounds write in read_transfer_data()	CVE-2022-0135 virglrenderer: out-of-bounds write in read_transfer_data()
Mauro Matteo Cascella	2022-01-31 15:35:18 UTC	Depends On		2048607, 2048606
Mauro Matteo Cascella	2022-01-31 15:45:54 UTC	Depends On		2048613, 2048612
Mauro Matteo Cascella	2022-02-01 09:23:24 UTC	Doc Text		An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). A malicious guest could exploit this flaw by creating a specially crafted virgil resource and then issuing a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service condition or possible code execution.
Mauro Matteo Cascella	2022-02-01 09:42:48 UTC	Comment	0	updated
RaTasha Tillery-Smith	2022-02-01 13:50:43 UTC	Doc Text	An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). A malicious guest could exploit this flaw by creating a specially crafted virgil resource and then issuing a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service condition or possible code execution.	An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Red Hat Bugzilla	2023-07-07 08:34:11 UTC	Assignee	security-response-team	nobody
		CC	security-response-team

Back to bug 2037790