← volver
CVE-2025-58150

x86: buffer overrun with shadow paging + tracing

CVSS 8.8 HIGHEPSS 0.1%CWE-787
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Xen · Xen

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://xenbits.xenproject.org/xsa/advisory-477.htmlhttp://www.openwall.com/lists/oss-security/2026/01/27/1http://xenbits.xen.org/xsa/advisory-477.html