CVE-2025-22413
published 2025-08-26CVE-2025-22413: In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure…
medium4CVSS 3.1
AVLACLPRNUINSUCLINAN
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — |
Android
CVE-2025-22413: KVM
vendor_android·2025-03-01·CVSS 4.0
CVE-2025-22413 [MEDIUM] CVE-2025-22413: KVM
Android Security Bulletin 2025-03-01
CVE: CVE-2025-22413
Severity: HIGH
Type: ID
Component: KVM
References: A-373638114
Upstream kernel
[2]
GHSA
GHSA-xx9q-649r-gp4m: In multiple functions of hyp-main
ghsa_unreviewed·2025-08-27
CVE-2025-22413 [MEDIUM] CWE-703 GHSA-xx9q-649r-gp4m: In multiple functions of hyp-main
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2025-22413: In multiple functions of hyp-main
osv·2025-03-01
CVE-2025-22413 CVE-2025-22413: In multiple functions of hyp-main
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-08-26
Published