Unrated severityNVD Advisory· Published Jan 28, 2026· Updated Jan 28, 2026
x86: buffer overrun with shadow paging + tracing
CVE-2025-58150
Description
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- osv-coords9 versionspkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweedpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 4.18.5_10-150600.3.37.1+ 8 more
- (no CPE)range: < 4.18.5_10-150600.3.37.1
- (no CPE)range: < 4.21.0_04-1.1
- (no CPE)range: < 4.14.6_28-150300.3.94.1
- (no CPE)range: < 4.16.7_06-150400.4.78.1
- (no CPE)range: < 4.16.7_06-150400.4.78.1
- (no CPE)range: < 4.17.6_04-150500.3.59.1
- (no CPE)range: < 4.20.2_04-150700.3.22.1
- (no CPE)range: < 4.20.2_04-150700.3.22.1
- (no CPE)range: < 4.12.4_64-3.137.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.