Bug 1796643 (CVE-2020-8003) - CVE-2020-8003 virglrenderer: Double-free vulnerability in vrend_renderer.c
Summary: CVE-2020-8003 virglrenderer: Double-free vulnerability in vrend_renderer.c
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2020-8003
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 1796644 1796645 1808541
Blocks: 1796649
TreeView+ depends on / blocked
 
Reported: 2020-01-30 20:21 UTC by Pedro Sampaio
Modified: 2024-10-31 15:12 UTC (History)
3 users (show)

Fixed In Version: virglrenderer-0.8.2
Clone Of:
Environment:
Last Closed: 2024-10-31 15:12:47 UTC
Embargoed:

Attachments (Terms of Use)

Description Pedro Sampaio 2020-01-30 20:21:04 UTC 
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.

References:

https://gitlab.freedesktop.org/virgl/virglrenderer/commit/f9b079ccc319c98499111f66bd654fc9b56cf15f?merge_request_iid=340
https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340
https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=3320973c9f2068f60cf6613c2811a8824781878a
https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/340/diffs?commit_id=f9b079ccc319c98499111f66bd654fc9b56cf15f
Comment 1 Pedro Sampaio 2020-01-30 20:21:55 UTC 
Created virglrenderer tracking bugs for this issue:

Affects: epel-8 [bug 1796645]
Affects: fedora-all [bug 1796644]
Comment 4 Sandro Bonazzola 2024-08-06 10:07:54 UTC 
looks like all tracking bugs have been closed. Can this bug be closed as well?
Note You need to log in before you can comment on or make changes to this bug.