suse · CVE-2022-0175

Quick triage

Priority: medium Published: 2022-01-13 02:07:38 UTC Updated: 2026-03-05 04:59:56 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-0175 severity moderate: SUSE including 16 source package names (libvirglrenderer0-0.5.0-12.6.1, libvirglrenderer0-0.6.0-4.6.1, …), 29 product×package rows across 20 product lines (SUSE Linux Enterprise Micro 5.0, SUSE Linux Enterprise Micro 5.2, … (20 product lines)): Fixed 29.

Description:

A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.

cvelogic Threat Intelligence