← Zuruck zu CVEs
CVE-2022-0175
MEDIUM5.5
Beschreibung
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
CVE Details
CVSS v3.1 Bewertung5.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht8/26/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
redhat:enterprise_linuxvirglrenderer_project:virglrenderer
Schwachen (CWE)
CWE-909CWE-909
Referenzen
https://access.redhat.com/security/cve/CVE-2022-0175(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=2039003(secalert@redhat.com)
https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c(secalert@redhat.com)
https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654(secalert@redhat.com)
https://security-tracker.debian.org/tracker/CVE-2022-0175(secalert@redhat.com)
https://security.gentoo.org/glsa/202210-05(secalert@redhat.com)
https://access.redhat.com/security/cve/CVE-2022-0175(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2039003(af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c(af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654(af854a3a-2127-422b-91ae-364da2661108)
https://security-tracker.debian.org/tracker/CVE-2022-0175(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202210-05(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.