1796646 – (CVE-2020-8002) CVE-2020-8002 virglrenderer: NULL pointer dereference in vrend_renderer.c

Bug 1796646 (CVE-2020-8002) - CVE-2020-8002 virglrenderer: NULL pointer dereference in vrend_renderer.c

Summary: CVE-2020-8002 virglrenderer: NULL pointer dereference in vrend_renderer.c

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2020-8002
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1796647 1796648 1808543
Blocks:	1796649
TreeView+	depends on / blocked

Reported:	2020-01-30 20:23 UTC by Pedro Sampaio
Modified:	2021-11-01 17:39 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-11-01 17:39:17 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2020-01-30 20:23:54 UTC

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).

References:

https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340
https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=572a36879701598fa727f50313508be99865b58f
https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=725e12beba4a41934f0ab62d399b5d4de2d13190

Comment 1 Pedro Sampaio 2020-01-30 20:26:07 UTC

Created virglrenderer tracking bugs for this issue:

Affects: epel-8 [bug 1796647]
Affects: fedora-all [bug 1796648]

Note You need to log in before you can comment on or make changes to this bug.