An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU. The flaw exists in virgl_cmd_get_capset() in contrib/vhost-user-gpu/virgl.c and could occur while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
This issue is analogous to CVE-2016-10028 in virtio-gpu-3d:
OOB write in virgl_cmd_get_capset() in virgl.c:
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1959046]
This issue does not affect the versions of `qemu-kvm` as shipped with Red Hat Enterprise Linux 6, 7 and 8, as Virgl was not enabled in these versions. Support for Virgl was enabled as technical preview in Red Hat Enterprise Linux Advanced Virtualization 8.2, and later disabled in Red Hat Enterprise Linux Advanced Virtualization 8.3.
For more information about Virgl support in RHEL Advanced Virtualization, please refer to the following bugs:
* [RFE] Enable virgl as TechPreview (qemu) [bz#1559740]
* Drop virgil acceleration support and remove virglrenderer dependency [bz#1831271]
While QEMU is an essential component in virtualization environments, it is not intended to be used directly on RHEL 8 systems, due to security concerns. Therefore, using qemu-* commands is not supported by Red Hat, and it is highly recommended to interact with QEMU using libvirt. Several isolation mechanisms are available to realize guest isolation and the principle of least privilege. The fundamental isolation mechanism is that QEMU processes must run as unprivileged users. Also, the libvirtd daemon sets up additional sandbox around QEMU using SELinux and sVirt protection for QEMU VMs, which further limit the potential damage in case of guest-to-host escape scenario. The impact of this flaw is hence limited under such circumstances.