1765584 – (CVE-2019-18390) CVE-2019-18390 virglrenderer: out-of-bounds read in the vrend_blit_need_swizzle may lead to DoS

Bug 1765584 (CVE-2019-18390) - CVE-2019-18390 virglrenderer: out-of-bounds read in the vrend_blit_need_swizzle may lead to DoS

Summary: CVE-2019-18390 virglrenderer: out-of-bounds read in the vrend_blit_need_swizz...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2019-18390
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1784704 1784705
Blocks:	1765598
TreeView+	depends on / blocked

Reported:	2019-10-25 13:51 UTC by Marian Rehak
Modified:	2021-10-25 09:54 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-25 09:54:43 UTC
Embargoed:

Attachments	(Terms of Use)

Description Marian Rehak 2019-10-25 13:51:30 UTC

An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.

Upstream Issue:

https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151

Comment 1 Marian Rehak 2019-10-25 13:52:33 UTC

Upstream Patch:

https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9

Comment 3 Prasad Pandit 2019-12-18 06:36:29 UTC

Created virglrenderer tracking bugs for this issue:

Affects: fedora-all [bug 1784704]

Note You need to log in before you can comment on or make changes to this bug.