Unrated severityNVD Advisory· Published Aug 26, 2022· Updated Aug 2, 2024
CVE-2022-0175
CVE-2022-0175
Description
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords6 versionspkg:rpm/opensuse/virglrenderer&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/virglrenderer&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/virglrenderer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/virglrenderer&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/virglrenderer&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/virglrenderer&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 0.6.0-4.6.1+ 5 more
- (no CPE)range: < 0.6.0-4.6.1
- (no CPE)range: < 0.6.0-4.6.1
- (no CPE)range: < 0.6.0-4.6.1
- (no CPE)range: < 0.5.0-12.6.1
- (no CPE)range: < 0.5.0-12.6.1
- (no CPE)range: < 0.5.0-12.6.1
- Range: Affects v0.9.0 and later.
Patches
Vulnerability mechanics
References
6- security.gentoo.org/glsa/202210-05mitrevendor-advisory
- access.redhat.com/security/cve/CVE-2022-0175mitre
- bugzilla.redhat.com/show_bug.cgimitre
- gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129cmitre
- gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654mitre
- security-tracker.debian.org/tracker/CVE-2022-0175mitre
News mentions
0No linked articles in our index yet.