← voltar
CVE-2025-58150

x86: buffer overrun with shadow paging + tracing

CVSS 8.8 HIGHEPSS 0.1%CWE-787
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Xen · Xen

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://xenbits.xenproject.org/xsa/advisory-477.htmlhttp://www.openwall.com/lists/oss-security/2026/01/27/1http://xenbits.xen.org/xsa/advisory-477.html