CVE-2022-0135: 
NixOS vulnerability analysis and mitigation

An out-of-bounds write vulnerability (CVE-2022-0135) was discovered in the VirGL virtual OpenGL renderer (virglrenderer). The vulnerability was found in the readtransferdata() function in src/vrend_renderer.c. This security flaw affects the virtual GPU implementation used for KVM virtualization (NVD, Debian Security).

The vulnerability stems from a discrepancy in size calculations between vrendrenderertransferwriteiov() and readtransferdata() functions. The vrendrenderertransferwriteiov() function does not account for 'box->depth' in its calculations, potentially leading to the allocation of a smaller heap buffer that is later accessed out-of-bounds by readtransferdata (Red Hat Bugzilla).

The exploitation of this vulnerability could allow a malicious guest to create a specially crafted virgil resource and issue a VIRTGPU_EXECBUFFER ioctl, potentially leading to denial of service or possible code execution on the host system (Debian LTS, Ubuntu Security).

Multiple vendors have released patches to address this vulnerability. Debian released version 0.7.0-2+deb10u1 for Debian 10 (Buster), Ubuntu provided updates with version 0.8.2-5ubuntu0.21.10.1 for Ubuntu 21.10 and version 0.8.2-1ubuntu1.1 for Ubuntu 20.04, and Gentoo recommended upgrading to version 0.10.1 or later (Debian LTS, Ubuntu Security, Gentoo Security).