Описание
Security update for virglrenderer
This update for virglrenderer fixes the following issues:
- CVE-2022-0135: Fix OOB in read_transfer_data. (bsc#1195389)
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP4
libvirglrenderer1-0.9.1-150400.3.3.1
virglrenderer-devel-0.9.1-150400.3.3.1
openSUSE Leap 15.4
libvirglrenderer1-0.9.1-150400.3.3.1
virglrenderer-devel-0.9.1-150400.3.3.1
virglrenderer-test-server-0.9.1-150400.3.3.1
Ссылки
- Link for SUSE-SU-2022:2395-1
- E-Mail link for SUSE-SU-2022:2395-1
- SUSE Security Ratings
- SUSE Bug 1195389
- SUSE CVE CVE-2022-0135 page
Описание
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP4:libvirglrenderer1-0.9.1-150400.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:virglrenderer-devel-0.9.1-150400.3.3.1
openSUSE Leap 15.4:libvirglrenderer1-0.9.1-150400.3.3.1
openSUSE Leap 15.4:virglrenderer-devel-0.9.1-150400.3.3.1
Ссылки
- CVE-2022-0135
- SUSE Bug 1195389
- SUSE Bug 1196396