virglrenderer: fix CVE-2022-0135 and -0175 - linux/poky.git

diff options

author	Joe Slater <joe.slater@windriver.com>	2022-02-09 15:36:50 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-24 11:12:39 +0000
commit	4e2cfc6b111d26895ed3578ba7f7c5564159bafe (patch)
tree	0ac6b5aa623c241ccee4d0c0a50f4ebb7d2f3735 /scripts/lib/devtool/upgrade.py
parent	9b2fab0ac0a94d116e01178a5767e79e1085b9d6 (diff)
download	poky-4e2cfc6b111d26895ed3578ba7f7c5564159bafe.tar.gz

virglrenderer: fix CVE-2022-0135 and -0175

CVE-2022-0135 concerns out-of-bounds writes in read_transfer_data(). CVE-2022-0175 concerns using malloc() instead of calloc(). We "cherry-pick" from upstream. The actual cherry-picks are from upstream master to branch-0.9.1 and are the patches entered here. (From OE-Core rev: 2d1ed522def1386ce2810c4634a394774b42228c) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 91f7511df79c5c1f93add9f2827a5a266453614e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/upgrade.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: