View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-0175 severity moderate: SUSE including 16 source package names (libvirglrenderer0-0.5.0-12.6.1, libvirglrenderer0-0.6.0-4.6.1, …), 29 product×package rows across 20 product lines (SUSE Linux Enterprise Micro 5.0, SUSE Linux Enterprise Micro 5.2, … (20 product lines)): Fixed 29.
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.