CVE-2025-58150
HIGH8.8EPSS 0.02%發布日:2026/1/28修改日:2026/1/29
也稱為:ALPINE-CVE-2025-58150
描述
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
受影響套件(2)
- Alpine/xenfrom 0, < 4.18.5-r4
- Debian/xenfrom 0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |