CVE-2025-8860

EPSS 0.01%
Veröffentlicht 18.02.2026 20:49:06
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle patrick@puiterwijk.org
CVE-Watchlists
Login
Unerledigt
Login

Qemu-kvm: uefi-vars: information disclosure vulnerability in uefi_vars_write callback

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback `uefi_vars_write` is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. When the guest later reads from register UEFI_VARS_REG_PIO_BUFFER_TRANSFER, the .read callback `uefi_vars_read` returns leftover metadata or other sensitive process memory from the previously allocated buffer, leading to an information disclosure vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

CNA 10 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Collection URLhttps://gitlab.com/qemu-project/qemu

≫

Paket qemu

Default Statusunaffected

Version 10.0.0

Version < 10.1.0

Status affected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 10

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 6

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 7

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 7

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8 Advanced Virtualization

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 8 Advanced Virtualization

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat Enterprise Linux 9

Default Statusunaffected

HerstellerRed Hat

≫

Produkt Red Hat OpenShift Container Platform 4

Default Statusunaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.005

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
patrick@puiterwijk.org	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

https://access.redhat.com/security/cve/CVE-2025-8860

https://bugzilla.redhat.com/show_bug.cgi?id=2387588

https://nvd.nist.gov/vuln/detail/CVE-2025-8860

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-8860

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-8860

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-8860