SUSE-SU-2020:0017-1

Details

This update for virglrenderer fixes the following issues:

CVE-2019-18388: Fixed a null pointer dereference which could have led to denial of service (bsc#1159479).
CVE-2019-18390: Fixed an out of bound read which could have led to denial of service (bsc#1159478).
CVE-2019-18389: Fixed a heap buffer overflow which could have led to guest escape or denial of service (bsc#1159482).
CVE-2019-18391: Fixed a heap based buffer overflow which could have led to guest escape or denial of service (bsc#1159486).

Affected Packages

libvirglrenderer0

SUSE Linux Enterprise Module for Server Applications 15SUSE Linux Enterprise Module for Server Applications 15 SP1

Fixed in:

0.6.0-4.3.1

virglrenderer

SUSE Linux Enterprise Module for Server Applications 15SUSE Linux Enterprise Module for Server Applications 15 SP1

Fixed in:

0.6.0-4.3.1

virglrenderer-devel

SUSE Linux Enterprise Module for Server Applications 15SUSE Linux Enterprise Module for Server Applications 15 SP1

Fixed in: