Buffer Overflow Vulnerability in SUSE Virtual Machine Driver Pack
CVE-2025-8412

2LOW

Key Information:

Vendor

Suse

Vendor
CVE Published:
14 July 2026

What is CVE-2025-8412?

A vulnerability exists within the SUSE Virtual Machine Driver Pack that stems from a buffer copy operation not verifying the size of the input. This 'Classic Buffer Overflow' flaw can be exploited by an attacker who has the capability to modify the system's registry, potentially compromising the integrity of the driver. While there is currently no known practical method to exploit this vulnerability, it remains a concern for users of the affected versions of the driver pack.

Affected Version(s)

Virtual Machine Driver Pack 0

References

CVSS V4

Score:
2
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Andrea Monzani
.