]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: baec04b) | patch
virglrenderer: fix CVE-2022-0135 and -0175
authorJoe Slater <joe.slater@windriver.com>
Wed, 9 Feb 2022 23:36:50 +0000 (15:36 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 12 Feb 2022 17:02:56 +0000 (17:02 +0000)
commit91f7511df79c5c1f93add9f2827a5a266453614e
treec535f6094a924d2b8c38ae7196eaaff3defab6e6tree | snapshot
parentbaec04b936ab6b3d2039978fd568c3824cd0a501commit | diff
virglrenderer: fix CVE-2022-0135 and -0175

CVE-2022-0135 concerns out-of-bounds writes in read_transfer_data().
CVE-2022-0175 concerns using malloc() instead of calloc().

We "cherry-pick" from upstream.  The actual cherry-picks are from
upstream master to branch-0.9.1 and are the patches entered here.

Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch [new file with mode: 0644] blob
meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch [new file with mode: 0644] blob
meta/recipes-graphics/virglrenderer/virglrenderer_0.9.1.bb diff | blob | history
Mirror of the official openembedded-core repository