Описание
Security update for virglrenderer
This update for virglrenderer fixes the following issues:
- CVE-2022-0135: Fixed out-of-bonds write in read_transfer_data() (bsc#1195389).
Список пакетов
HPE Helion OpenStack 8
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP2-BCL
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP3-BCL
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP5
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Software Development Kit 12 SP5
virglrenderer-devel-0.5.0-12.9.1
SUSE OpenStack Cloud 8
libvirglrenderer0-0.5.0-12.9.1
SUSE OpenStack Cloud 9
libvirglrenderer0-0.5.0-12.9.1
SUSE OpenStack Cloud Crowbar 8
libvirglrenderer0-0.5.0-12.9.1
SUSE OpenStack Cloud Crowbar 9
libvirglrenderer0-0.5.0-12.9.1
Ссылки
- Link for SUSE-SU-2022:0478-1
- E-Mail link for SUSE-SU-2022:0478-1
- SUSE Security Ratings
- SUSE Bug 1195389
- SUSE CVE CVE-2022-0135 page
Описание
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Затронутые продукты
HPE Helion OpenStack 8:libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP2-BCL:libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP3-BCL:libvirglrenderer0-0.5.0-12.9.1
SUSE Linux Enterprise Server 12 SP3-LTSS:libvirglrenderer0-0.5.0-12.9.1
Ссылки
- CVE-2022-0135
- SUSE Bug 1195389
- SUSE Bug 1196396