Security update for virglrenderer
This update for virglrenderer fixes the following issues:
- CVE-2019-18388: Fixed a null pointer dereference which could have led
to denial of service (bsc#1159479).
- CVE-2019-18390: Fixed an out of bound read which could have led to
denial of service (bsc#1159478).
- CVE-2019-18389: Fixed a heap buffer overflow which could have led to
guest escape or denial of service (bsc#1159482).
- CVE-2019-18391: Fixed a heap based buffer overflow which could have led to
guest escape or denial of service (bsc#1159486).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Lin Ma (lin_ma)
Fixed bugs
bnc#1159482
VUL-0: CVE-2019-18389: virglrenderer: heap buffer overflow in the vrend_renderer_transfer_write_iov function
bnc#1159479
VUL-1: CVE-2019-18388: virglrenderer: NULL pointer dereference in vrend_renderer_resource_create
bnc#1159478
VUL-1: CVE-2019-18390: virglrenderer: out-of-bounds read in the vrend_blit_need_swizzle may lead to DoS
bnc#1159486
VUL-0: CVE-2019-18391: virglrenderer: heap based buffer overflow in the vrend_renderer_transfer_write_iov function
