Candidate: CVE-2020-8002
PublicDate: 2020-01-27 05:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8002
Description:
 A NULL pointer dereference in vrend_renderer.c in virglrenderer through
 0.8.1 allows attackers to cause a denial of service via commands that
 attempt to launch a grid without previously providing a Compute Shader
 (CS).
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949954
Priority: low
Discovered-by:
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM]


Patches_virglrenderer:
 upstream: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/63bcca251f093d83da7e290ab4bbd38ae69089b5
upstream_virglrenderer: needed
precise/esm_virglrenderer: DNE
trusty_virglrenderer: ignored (out of standard support)
trusty/esm_virglrenderer: DNE
xenial_virglrenderer: DNE
bionic_virglrenderer: not-affected (code not present)
eoan_virglrenderer: ignored (reached end-of-life)
focal_virglrenderer: not-affected (0.8.2-1)
devel_virglrenderer: not-affected (0.8.2-1)