Medium severity5.5NVD Advisory· Published Nov 17, 2025· Updated Apr 15, 2026
CVE-2025-13193
CVE-2025-13193
Description
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- osv-coords15 versionspkg:rpm/opensuse/libvirt&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/libvirt&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/libvirt&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Micro%206.2
< 10.0.0-150600.8.12.1+ 14 more
- (no CPE)range: < 10.0.0-150600.8.12.1
- (no CPE)range: < 11.4.0-160000.3.1
- (no CPE)range: < 11.9.0-2.1
- (no CPE)range: < 7.1.0-150300.6.44.1
- (no CPE)range: < 8.0.0-150400.7.14.1
- (no CPE)range: < 8.0.0-150400.7.14.1
- (no CPE)range: < 9.0.0-150500.6.26.1
- (no CPE)range: < 11.0.0-150700.4.13.1
- (no CPE)range: < 11.0.0-150700.4.13.1
- (no CPE)range: < 11.4.0-160000.3.1
- (no CPE)range: < 11.4.0-160000.3.1
- (no CPE)range: < 5.1.0-13.45.1
- (no CPE)range: < 10.0.0-4.1
- (no CPE)range: < 10.0.0-slfo.1.1_2.1
- (no CPE)range: < 11.4.0-160000.3.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.