CVE-2025-13193

Medium CVSS: 5.5

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability.

Vendor

Product

CWE

CWE-276

Yayın Tarihi

2025-11-17 17:15:47

Güncelleme

2025-11-18 14:06:29

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-276 MEDIUM 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-13193 https://bugzilla.redhat.com/show_bug.cgi?id=2415409