Security update for virglrenderer SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:0016-1 Final 1 1 2020-01-07T10:18:41Z current 2020-01-07T10:18:41Z 2020-01-07T10:18:41Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for virglrenderer This update for virglrenderer fixes the following issues: - CVE-2019-18388: Fixed a null pointer dereference which could have led to denial of service (bsc#1159479). - CVE-2019-18390: Fixed an out of bound read which could have led to denial of service (bsc#1159478). - CVE-2019-18389: Fixed a heap buffer overflow which could have led to guest escape or denial of service (bsc#1159482). - CVE-2019-18391: Fixed a heap based buffer overflow which could have led to guest escape or denial of service (bsc#1159486). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). HPE-Helion-OpenStack-8-2020-16,SUSE-2020-16,SUSE-OpenStack-Cloud-7-2020-16,SUSE-OpenStack-Cloud-8-2020-16,SUSE-OpenStack-Cloud-Crowbar-8-2020-16,SUSE-SLE-DESKTOP-12-SP4-2020-16,SUSE-SLE-SAP-12-SP2-2020-16,SUSE-SLE-SAP-12-SP3-2020-16,SUSE-SLE-SDK-12-SP4-2020-16,SUSE-SLE-SDK-12-SP5-2020-16,SUSE-SLE-SERVER-12-SP2-2020-16,SUSE-SLE-SERVER-12-SP2-BCL-2020-16,SUSE-SLE-SERVER-12-SP3-2020-16,SUSE-SLE-SERVER-12-SP3-BCL-2020-16,SUSE-SLE-SERVER-12-SP4-2020-16,SUSE-SLE-SERVER-12-SP5-2020-16,SUSE-Storage-5-2020-16 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20200016-1/ Link for SUSE-SU-2020:0016-1 https://lists.suse.com/pipermail/sle-security-updates/2020-January/006299.html E-Mail link for SUSE-SU-2020:0016-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1159478 SUSE Bug 1159478 https://bugzilla.suse.com/1159479 SUSE Bug 1159479 https://bugzilla.suse.com/1159482 SUSE Bug 1159482 https://bugzilla.suse.com/1159486 SUSE Bug 1159486 https://www.suse.com/security/cve/CVE-2019-18388/ SUSE CVE CVE-2019-18388 page https://www.suse.com/security/cve/CVE-2019-18389/ SUSE CVE CVE-2019-18389 page https://www.suse.com/security/cve/CVE-2019-18390/ SUSE CVE CVE-2019-18390 page https://www.suse.com/security/cve/CVE-2019-18391/ SUSE CVE CVE-2019-18391 page HPE Helion OpenStack 8 SUSE Enterprise Storage 5 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 libvirglrenderer0-0.5.0-12.3.1 virglrenderer-devel-0.5.0-12.3.1 virglrenderer-test-server-0.5.0-12.3.1 libvirglrenderer0-0.5.0-12.3.1 as a component of HPE Helion OpenStack 8 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Enterprise Storage 5 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP4 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server 12 SP5 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 virglrenderer-devel-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP4 virglrenderer-devel-0.5.0-12.3.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE OpenStack Cloud 7 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE OpenStack Cloud 8 libvirglrenderer0-0.5.0-12.3.1 as a component of SUSE OpenStack Cloud Crowbar 8 A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. CVE-2019-18388 HPE Helion OpenStack 8:libvirglrenderer0-0.5.0-12.3.1 SUSE Enterprise Storage 5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Desktop 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP4:virglrenderer-devel-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5:virglrenderer-devel-0.5.0-12.3.1 SUSE OpenStack Cloud 7:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud 8:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud Crowbar 8:libvirglrenderer0-0.5.0-12.3.1 important 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20200016-1/ https://www.suse.com/security/cve/CVE-2019-18388.html CVE-2019-18388 https://bugzilla.suse.com/1159479 SUSE Bug 1159479 A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. CVE-2019-18389 HPE Helion OpenStack 8:libvirglrenderer0-0.5.0-12.3.1 SUSE Enterprise Storage 5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Desktop 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP4:virglrenderer-devel-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5:virglrenderer-devel-0.5.0-12.3.1 SUSE OpenStack Cloud 7:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud 8:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud Crowbar 8:libvirglrenderer0-0.5.0-12.3.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20200016-1/ https://www.suse.com/security/cve/CVE-2019-18389.html CVE-2019-18389 https://bugzilla.suse.com/1159482 SUSE Bug 1159482 An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. CVE-2019-18390 HPE Helion OpenStack 8:libvirglrenderer0-0.5.0-12.3.1 SUSE Enterprise Storage 5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Desktop 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP4:virglrenderer-devel-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5:virglrenderer-devel-0.5.0-12.3.1 SUSE OpenStack Cloud 7:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud 8:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud Crowbar 8:libvirglrenderer0-0.5.0-12.3.1 important 3.6 AV:L/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20200016-1/ https://www.suse.com/security/cve/CVE-2019-18390.html CVE-2019-18390 https://bugzilla.suse.com/1159478 SUSE Bug 1159478 A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands. CVE-2019-18391 HPE Helion OpenStack 8:libvirglrenderer0-0.5.0-12.3.1 SUSE Enterprise Storage 5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Desktop 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP2-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP3-LTSS:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libvirglrenderer0-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP4:virglrenderer-devel-0.5.0-12.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5:virglrenderer-devel-0.5.0-12.3.1 SUSE OpenStack Cloud 7:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud 8:libvirglrenderer0-0.5.0-12.3.1 SUSE OpenStack Cloud Crowbar 8:libvirglrenderer0-0.5.0-12.3.1 important 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20200016-1/ https://www.suse.com/security/cve/CVE-2019-18391.html CVE-2019-18391 https://bugzilla.suse.com/1159486 SUSE Bug 1159486