CVE-2025-2509

Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://issues.chromium.org/issues/b/385851796	Broken Link
https://issuetracker.google.com/issues/385851796	Exploit Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:o:google:chrome_os:16093.57.0:*:*:*:*:*:*:*

History

03 Oct 2025, 14:47

Type	Values Removed	Values Added
References	~~() https://issues.chromium.org/issues/b/385851796 -~~	() https://issues.chromium.org/issues/b/385851796 - Broken Link
References	~~() https://issuetracker.google.com/issues/385851796 -~~	() https://issuetracker.google.com/issues/385851796 - Exploit, Issue Tracking
CPE		cpe:2.3:o:google:chrome_os:16093.57.0:::::::*
First Time		Google chrome Os Google

07 May 2025, 14:13

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-06 01:15

Updated : 2025-10-03 14:47

NVD link : CVE-2025-2509

Mitre link : CVE-2025-2509

CVE.ORG link : CVE-2025-2509

JSON object : View

Products Affected

google

chrome_os

CWE

CWE-125

Out-of-bounds Read

7.8 /10