Описание
Security update for virglrenderer
This update for virglrenderer fixes the following issues:
- CVE-2022-0175: Fixed missing initialization of res->ptr (bsc#1194601).
Список пакетов
SUSE Linux Enterprise Micro 5.0
libvirglrenderer0-0.6.0-4.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
libvirglrenderer0-0.6.0-4.6.1
virglrenderer-devel-0.6.0-4.6.1
Ссылки
- Link for SUSE-SU-2022:0111-1
- E-Mail link for SUSE-SU-2022:0111-1
- SUSE Security Ratings
- SUSE Bug 1194601
- SUSE CVE CVE-2022-0175 page
Описание
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
Затронутые продукты
SUSE Linux Enterprise Micro 5.0:libvirglrenderer0-0.6.0-4.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libvirglrenderer0-0.6.0-4.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:virglrenderer-devel-0.6.0-4.6.1
Ссылки
- CVE-2022-0175
- SUSE Bug 1194601