← Zuruck zu CVEs
CVE-2025-58150
HIGH8.8
Beschreibung
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht1/28/2026
Zuletzt geandert2/9/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
xen:xen
Schwachen (CWE)
CWE-787
Referenzen
https://xenbits.xenproject.org/xsa/advisory-477.html(security@xen.org)
http://www.openwall.com/lists/oss-security/2026/01/27/1(af854a3a-2127-422b-91ae-364da2661108)
http://xenbits.xen.org/xsa/advisory-477.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.