216.73.216.169

CVE-2025-58407

· Published 17/11/2025 18:15 · Modified 18/11/2025 14:06

Labels: CVE-2025-58407 2025-11-17367425dc-4d06-4041-9650-c2dc6aaa27ceCVE-2025-58407CWE-367

Essential information

Published
17/11/2025 18:15
Modified
18/11/2025 14:06
Author
Creator
CVSS
7.4 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS metrics

Description

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
367425dc-4d06-4041-9650-c2dc6aaa27ce
NVD
View on NVD

References