Back to overview

CVE-2025-8412

LOW
2.0
CVSS 4.0
Description
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in SUSE Virtual Machine Driver Pack allows an attacker with the ability to modify the registry to affect the integrity of the driver. We're not aware of a feasible way to exploit this currently. This issue affects Virtual Machine Driver Pack: before e7a602ec232756ead019bdf19d6d3b9d010cc94b.

Metadata

CVE ID
CVE-2025-8412
State
PUBLISHED
Assigner
suse
Reserved
2025-07-31 09:41 UTC
Published
2026-07-14 07:42 UTC
Last updated
2026-07-14 07:42 UTC
Primary CWE
CWE-120
CWE-120: Buffer Copy without Checking Size of Input ('Classi…
Vendor / Product
SUSE / Virtual Machine Driver Pack
Sources
cve.org  ·  NVD

Severity & Metrics

2.0 LOW CVSS 4.0
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Affected products (1)
VendorProductPlatformVersions
SUSE Virtual Machine Driver Pack 0 < e7a602ec232756ead019bdf19d6d3b9d010cc94b
Weakness (CWE)
CWESourceDescription
CWE-120 cna CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVSS scores (1)
ScoreSeverityVersionSourceVector
2.0 LOW 4.0 cna CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Back to overview