This was fixed in https://ubuntu.com/security/notices/USN-5309-1 for focal and newer; it is unfixed in bionic where virglrenderer is community maintained.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0175 ** Also affects: virglrenderer (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: virglrenderer (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: virglrenderer (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: virglrenderer (Ubuntu Bionic) Status: New => Triaged ** Changed in: virglrenderer (Ubuntu) Status: New => Fix Released ** Changed in: virglrenderer (Ubuntu Focal) Status: New => Fix Released ** Changed in: virglrenderer (Ubuntu Impish) Status: New => Fix Released ** Information type changed from Private Security to Public Security ** Tags added: community-security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1950784 Title: information leak from host to guest in the virglrenderer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/virglrenderer/+bug/1950784/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs