Описание
Security update for virglrenderer
This update for virglrenderer fixes the following issues:
- CVE-2022-0175: Fixed missing initialization of res->ptr (bsc#1194601).
Список пакетов
openSUSE Leap 15.3
libvirglrenderer0-0.6.0-4.6.1
virglrenderer-devel-0.6.0-4.6.1
virglrenderer-test-server-0.6.0-4.6.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0111-1
- SUSE Security Ratings
- SUSE Bug 1194601
- SUSE CVE CVE-2022-0175 page
Описание
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
Затронутые продукты
openSUSE Leap 15.3:libvirglrenderer0-0.6.0-4.6.1
openSUSE Leap 15.3:virglrenderer-devel-0.6.0-4.6.1
openSUSE Leap 15.3:virglrenderer-test-server-0.6.0-4.6.1
Ссылки
- CVE-2022-0175
- SUSE Bug 1194601