SUSE-SU-2025:02581-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Update ...

CVE-2022-50181

CVE-2022-50181 affects the Linux kernel’s virtio-gpu driver. The vulnerability arises from a missing NULL check in virtio_gpu_cmd_get_capset(), where a NULL-ified cache_ent could be dereferenced (ptr = cache_ent->caps_cache). This results in a NULL pointer dereference. The issue has been resol...

CVE-2022-50181 virtio-gpu: fix a missing check to avoid NULL dereference

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: fix a missing check to avoid NULL dereference 'cacheent' could be set NULL inside virtiogpucmdgetcapset and it will lead to a NULL dereference by a lately use of it i.e., ptr = cacheent-capscache. Fix it with a NULL...

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...