spec: Update patch and changelog with !143 fix CVE-2021-3544 #I3VG5I && fix CVE-2021-3545 #I3V9I8 && fix CVE-2021-3546 #I3V9I7 !143

vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544) vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544) vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544) vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544) vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544) vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545) vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546) Signed-off-by: Chen Qun<kuhn.chenqun@huawei.com>
2021-06-15 16:27:14 +08:00 · 2021-06-15 16:27:14 +08:00 · 0c0d733627
commit 0c0d733627
parent aee3beb2bb
1 changed files with 16 additions and 0 deletions
--- a/qemu.spec
+++ b/qemu.spec
@ -311,6 +311,13 @@ Patch0298: tz-ppc-add-dummy-read-write-methods.patch
 Patch0299: imx7-ccm-add-digprog-mmio-write-method.patch
 Patch0300: bugfix-fix-Uninitialized-Free-Vulnerability.patch
 Patch0301: 9pfs-Fully-restart-unreclaim-loop-CVE-2021-20181.patch
+Patch0302: vhost-user-gpu-fix-resource-leak-in-vg_resource_crea.patch
+Patch0303: vhost-user-gpu-fix-memory-leak-in-vg_resource_attach.patch
+Patch0304: vhost-user-gpu-fix-memory-leak-while-calling-vg_reso.patch
+Patch0305: vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
+Patch0306: vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
+Patch0307: vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
+Patch0308: vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch

 BuildRequires: flex
 BuildRequires: bison
@ -698,6 +705,15 @@ getent passwd qemu >/dev/null || \
 %endif

 %changelog
+* Tue Jun 15 2021 Chen Qun <kuhn.chenqun@huawei.com>
+- vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
+- vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)
+- vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544)
+- vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544)
+- vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544)
+- vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545)
+- vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546)
+
 * Tue Jun 08 2021 Chen Qun <kuhn.chenqun@huawei.com>
 - 9pfs: Fully restart unreclaim loop (CVE-2021-20181)