Detections
Analytics

Debian dla-3232 : libvirglrenderer-dev - security update

high Nessus Plugin ID 168487

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3232 advisory.

 ------------------------------------------------------------------------- Debian LTS Advisory DLA-3232-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost December 07, 2022 https://wiki.debian.org/LTS
 -------------------------------------------------------------------------

 Package : virglrenderer Version : 0.7.0-2+deb10u1 CVE ID : CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2020-8002 CVE-2020-8003 CVE-2022-0135 Debian Bug : 946942 949954 1009073

 Several security vulnerabilities were discovered in virglrenderer, a virtual GPU for KVM virtualization.

 CVE-2019-18388

 A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.

 CVE-2019-18389

 A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

 CVE-2019-18390

 An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.

 CVE-2019-18391

 A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.

 CVE-2020-8002

 A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).

 CVE-2020-8003

 A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.

 CVE-2022-0135

 An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.

 For Debian 10 buster, these problems have been fixed in version 0.7.0-2+deb10u1.

 We recommend that you upgrade your virglrenderer packages.

 For the detailed security status of virglrenderer please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/virglrenderer

 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Attachment:
 signature.asc Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the libvirglrenderer-dev packages.

See Also

http://www.nessus.org/u?cf8dd027

https://security-tracker.debian.org/tracker/CVE-2019-18388

https://security-tracker.debian.org/tracker/CVE-2019-18389

https://security-tracker.debian.org/tracker/CVE-2019-18390

https://security-tracker.debian.org/tracker/CVE-2019-18391

https://security-tracker.debian.org/tracker/CVE-2020-8002

https://security-tracker.debian.org/tracker/CVE-2020-8003

https://security-tracker.debian.org/tracker/CVE-2022-0135

https://packages.debian.org/source/buster/virglrenderer

Plugin Details

Severity: High

ID: 168487

File Name: debian_DLA-3232.nasl

Version: 1.3

Type: local

Agent: unix

Published: 12/8/2022

Updated: 1/22/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-18389

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2022-0135

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:libvirglrenderer-dev, p-cpe:/a:debian:debian_linux:libvirglrenderer0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 12/7/2022

Vulnerability Publication Date: 12/23/2019

Reference Information

CVE: CVE-2019-18388, CVE-2019-18389, CVE-2019-18390, CVE-2019-18391, CVE-2020-8002, CVE-2020-8003, CVE-2022-0135