A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "0.8.2-1ubuntu1.1", "binary_name": "libvirglrenderer-dev" }, { "binary_version": "0.8.2-1ubuntu1.1", "binary_name": "libvirglrenderer1" }, { "binary_version": "0.8.2-1ubuntu1.1", "binary_name": "libvirglrenderer1-dbgsym" }, { "binary_version": "0.8.2-1ubuntu1.1", "binary_name": "virgl-server" }, { "binary_version": "0.8.2-1ubuntu1.1", "binary_name": "virgl-server-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "0.9.1-1~exp1ubuntu2", "binary_name": "libvirglrenderer-dev" }, { "binary_version": "0.9.1-1~exp1ubuntu2", "binary_name": "libvirglrenderer1" }, { "binary_version": "0.9.1-1~exp1ubuntu2", "binary_name": "libvirglrenderer1-dbgsym" }, { "binary_version": "0.9.1-1~exp1ubuntu2", "binary_name": "virgl-server" }, { "binary_version": "0.9.1-1~exp1ubuntu2", "binary_name": "virgl-server-dbgsym" } ] }