What the vulnerability does

01Description

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.

Key dates

02Disclosure timeline

March 23, 2023 CVE published
February 25, 2025 Record updated