CVE-2025-58151
CWE-367Published: July 9, 2026· Updated: Jul 9, 2026
Official Description
varstored is a component of the Xapi toolstack handling UEFI Variables
for a VM. It has a communication path with OVMF inside the VM involving
mapping a buffer prepared by OVMF.
Within varstored, there were insufficient compiler barriers, creating
TOCTOU issues with data in the shared buffer.
The exact vulnerable behaviour depends on the code generated by the
compiler. In a build of varstored using default settings, the attacker
can control an index used in a jump table.
Risk Analysis
This critical vulnerability in varstored, a component of the Xapi toolstack handling UEFI Variables, arises from insufficient compiler barriers. This creates Time-of-Check to Time-of-Use (TOCTOU) issues with data in a shared buffer, potentially allowing an attacker to control an index in a jump table. With a CVSS score of 9.4, this flaw is considered critical, though its EPSS score is currently unavailable, and it is not confirmed to be exploited in the wild.
No public exploit is currently known for this vulnerability, and it is not listed in CISA's Known Exploited Vulnerabilities catalog.
Apply patches or upgrades for varstored to address the TOCTOU issues and ensure proper compiler barriers are in place. Regularly update virtualization components to mitigate such vulnerabilities.
Technical Analysis
CVE-2025-58151 requires local access, meaning attackers must already have a foothold on the target system.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
All References (3)
Quick Facts
Related CVEs (CWE-367)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2025-58151 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts