CVE-2025-2073: Out-of-bounds Read in Google ChromeOS

CWE-125: Out-of-bounds Read | 3 documents | 3 sources

Severity: 8.8 HIGH (NVD)
EPSS: 0.1% (top 69.35%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Apr 16
Latest update: Apr 17

Description

Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages: 2 packages

CVEListV5: google/chromeos, Kernel version 6.1, 5.15, 5.10, 4.19, chromeOS version 16093.103.0
NVD: google/chrome_os 16093.103.0

🔴 Vulnerability Details (2)

GHSA: GHSA-pv63-22w8-6xj8: Out-of-Bounds Read in ip_set_bitmap_ip (2025-04-17)
CVEList: CVE-2025-2073: Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6 (2025-04-16)