CVE-2019-18388

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-18388
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-18388.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-18388
Downstream
Related
Published
2019-12-23T16:15:11Z
Modified
2025-10-15T10:36:22.490011Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.

References

Affected packages

Git / gitlab.freedesktop.org/virgl/virglrenderer

Affected ranges

Type
GIT
Repo
https://gitlab.freedesktop.org/virgl/virglrenderer
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0d9a2c88dc3a70023541b3260b9f00c982abda16

Affected versions

virglrenderer-0.*

virglrenderer-0.2.0
virglrenderer-0.4.0
virglrenderer-0.5.0
virglrenderer-0.6.0
virglrenderer-0.7.0
virglrenderer-0.8.0

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://gitlab.freedesktop.org/virgl/virglrenderer@0d9a2c88dc3a70023541b3260b9f00c982abda16",
        "signature_version": "v1",
        "target": {
            "file": "src/vrend_renderer.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "230246388284075920837384513401273778520",
                "247770854284103560370964757660495662146",
                "283298607776472863989037290026065040225",
                "10980190749752915742904610299990923267",
                "97589846449172533768284432859619510842",
                "259144242973277367783008203364710185230",
                "113162233880068866324504992580511338066",
                "292441209584602110749591741382126650725",
                "195154758548467805256975668421040239481",
                "197999904296240402179912790660035153229",
                "45175898030765049316641836147015575380",
                "11912384764406472244679457261798132362",
                "193991974060012037851986127852727068367",
                "317906797538190929006760231226521666755",
                "87929707494462492199221712289058123186",
                "225390076115856788429605334412257056887",
                "11867826398410157442905145874320695957",
                "62336908799203034448989683326123607637",
                "75286404666381965941812493418453554629",
                "315211065258654970910795224706652157703",
                "267831418382395146011890689487700649259",
                "303992299423413057243945230921625730236",
                "124301321920529090545095037987216941160",
                "163656614376991394210757963670121391537",
                "229521369241415733215995487912263510529",
                "168280334930322267386994871193065489110",
                "26645022375984359981965441878774507919",
                "235672997240847247767668974237042770373",
                "274369461503223323845070479388222163445",
                "167789298990508620865295273071654624061",
                "18056553497089460993405337199313458988",
                "300071505119450415034493472560544891372",
                "334589410547553450498420525248947597730",
                "108578394884738445282113131388640626793"
            ]
        },
        "id": "CVE-2019-18388-699cf408"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://gitlab.freedesktop.org/virgl/virglrenderer@0d9a2c88dc3a70023541b3260b9f00c982abda16",
        "signature_version": "v1",
        "target": {
            "function": "check_resource_valid",
            "file": "src/vrend_renderer.c"
        },
        "digest": {
            "function_hash": "255772126217840145050921472267697604337",
            "length": 2809.0
        },
        "id": "CVE-2019-18388-780b980a"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://gitlab.freedesktop.org/virgl/virglrenderer@0d9a2c88dc3a70023541b3260b9f00c982abda16",
        "signature_version": "v1",
        "target": {
            "function": "vrend_renderer_resource_create",
            "file": "src/vrend_renderer.c"
        },
        "digest": {
            "function_hash": "46893389575006868641327675295250580971",
            "length": 2350.0
        },
        "id": "CVE-2019-18388-90221db0"
    }
]