CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
14.2%
An out-of-bounds read in the vrend_blit_need_swizzle function in
vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to
cause a denial of service via VIRGL_CCMD_BLIT commands.
Author | Note |
---|---|
mdeslaur | Nothing in bionic actually uses this package, so we will not be releasing a fix for it. Marking as ignored. |
access.redhat.com/security/cve/cve-2019-18390
gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151
launchpad.net/bugs/cve/CVE-2019-18390
nvd.nist.gov/vuln/detail/CVE-2019-18390
security-tracker.debian.org/tracker/CVE-2019-18390
www.cve.org/CVERecord?id=CVE-2019-18390
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
14.2%