Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-w95q-73jr-p478

Опубликовано: 08 дек. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

EPSS

Процентиль: 2%
0.00013
Низкий

7.8 High

CVSS3

CVE ID

CVE-2025-48638

Дефекты

CWE-20
CWE-787

Связанные уязвимости

nvd логотип

CVE-2025-48638

CVSS3: 7.8
nvd
2 месяца назад

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

fstec логотип

BDU:2025-15122

CVSS3: 9.3
fstec
5 месяцев назад

Уязвимость технологии виртуализации pKVM (protected Kernel-based Virtual Machine) ядра операционных систем Android, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 2%
0.00013
Низкий

7.8 High

CVSS3

CVE ID

CVE-2025-48638

Дефекты

CWE-20
CWE-787