Headline
CVE-2019-18389: Fix fuzzer failures (!314) · Merge requests · virgl / virglrenderer · GitLab
A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
Skip to content
GitLab
- GitLab: the DevOps platform
- Explore GitLab
- Install GitLab
- How GitLab compares
- Get started
- GitLab docs
- GitLab Learn
Pricing
Talk to an expert
/
Help
Help
Support
Community forum
Submit feedback
Contribute to GitLab
Projects Groups Snippets
Sign up now
Login
Sign in / Register
- virgl
- virglrenderer
- Merge requests
- !314
Fix fuzzer failures
- Review changes
Download
Email patches
Plain diff
Merged Gert Wollny requested to merge gerddie/virglrenderer:fix-fuzzer-failures into master Oct 07, 2019
- Overview 55
- Commits 20
- Pipelines 42
- Changes 13
This series of patches improves the resource handling by checking the resource creation, blit, and sampler view parameters more thoroughly.
@MatthewShao
Edited Oct 08, 2019 by Gert Wollny