CVE-2025-8860

LOW EPSS 4.3%

Published Feb 18, 20264mo ago · Modified Jun 17, 20261w ago

3.3 CVSS 3.1

Low

Published Feb 18, 2026 4mo ago

Last Modified Jun 17, 2026 1w ago

Description

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback `uefi_vars_write` is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. When the guest later reads from register UEFI_VARS_REG_PIO_BUFFER_TRANSFER, the .read callback `uefi_vars_read` returns leftover metadata or other sensitive process memory from the previously allocated buffer, leading to an information disclosure vulnerability.

CVSS Details

Base Score

3.3

Exploitability

1.8

Impact

1.4

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality Low

Integrity None

Availability None

Threat Intelligence

EPSS Exploit Probability

4.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-212

References 2

access.redhat.com https://access.redhat.com/security/cve/CVE-2025-8860
bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=2387588

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.