mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.1 KiB
1.1 KiB
CVE-2025-58144
Description
[This CNA information record relates to multiple CVEs; thetext explains which aspects/vulnerabilities correspond to which CVE.]There are two issues related to the mapping of pages belonging to otherdomains: For one, an assertion is wrong there, where the case actuallyneeds handling. A NULL pointer de-reference could result on a releasebuild. This is CVE-2025-58144.And then the P2M lock isn't held until a page reference was actuallyobtained (or the attempt to do so has failed). Otherwise the page cannot only change type, but even ownership in between, thus allowingdomain boundaries to be violated. This is CVE-2025-58145.
POC
Reference
No PoCs from references.