CVE-2020-8003 (https://nvd.nist.gov/vuln/detail/CVE-2020-8003): A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free. CVE-2020-8002 (https://nvd.nist.gov/vuln/detail/CVE-2020-8002): A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).
From upstream: "[0.8.2] is a bugfix release, that fixes a number of issues, amongst them two security vunerabilities CVE-2020-8002 and CVE-2020-8003." commit 73004619cc8ba46a7ee42b1496dbf0f064ccc87e Author: Matthias Maier <tamiko@gentoo.org> Date: Sun Apr 19 15:01:23 2020 -0500 media-libs/virglrenderer: version bump to 0.8.2 - contrary to the suggestion in https://bugs.gentoo.org/693246, do not add a USE=gbm flag. The current code cannot be compiled with mesa[gbm] and upstream restricted support for gbm allocation to minigbm in current master - port to meson build system - disable testsuite - - verified that the build system doesn't require python directly any more Closes: https://bugs.gentoo.org/693246 Closes: https://bugs.gentoo.org/716354 Closes: https://bugs.gentoo.org/631740 Package-Manager: Portage-2.3.99, Repoman-2.3.22
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please vote.
I'm having several new bugs with 0.8.2 and the proprietary nvidia stack, it seems that: - Remote desktop apps within the guest that blit several tiles at a time, such as x2go and xfreerdp are not rendering ever tile and instead show mostly blank desktop. - While using qemu with a guest, I've had my machine freeze completely. Now obviously this warrants another but report but before you remove this version from portage I thought it should be known that 0.8.2 does not work well for those using nvidia drivers.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=356669e1306408223ceac3aa99836c9bd4054c2e commit 356669e1306408223ceac3aa99836c9bd4054c2e Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2020-06-18 02:54:30 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2020-06-18 02:54:30 +0000 media-libs/virglrenderer: drop vulnerable Bug: https://bugs.gentoo.org/717010 Signed-off-by: Aaron Bauman <bman@gentoo.org> media-libs/virglrenderer/Manifest | 2 - .../virglrenderer/virglrenderer-0.6.0.ebuild | 50 ---------------------- .../virglrenderer/virglrenderer-0.7.0.ebuild | 50 ---------------------- 3 files changed, 102 deletions(-)
