CVE-2020-25637

EPSS 0.12% · P31 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-25637

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

双重释放

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat libvirt 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Red Hat libvirt是美国红帽（Red Hat）公司的一个用于实现Linux虚拟化功能的Linux API，它支持各种Hypervisor，包括Xen和KVM，以及QEMU和用于其他操作系统的一些虚拟产品。 Red Hat libvirt 资源管理错误漏洞。该漏洞源于网络系统或产品对系统资源（如内存、磁盘空间、文件等）的管理不当。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	libvirt	libvirt versions before 6.8.0	-

II. Public POCs for CVE-2020-25637

#	POC Description	Source Link	Shenlong Link
1	Double Free	https://github.com/brahmiboudjema/CVE-2020-25637-libvirt-double-free	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-25637

请登录查看更多情报信息。

Same Patch Batch · n/a · 2020-10-06 · 51 CVEs total

CVE-2020-7741	9.9 CRITICAL	Cross-site Scripting (XSS)
CVE-2020-7739	8.2 HIGH	Server-side Request Forgery (SSRF)
CVE-2020-7740	8.2 HIGH	Server-side Request Forgery (SSRF)
CVE-2020-8782	7.5 HIGH	ALEOS LAN-Side RPC Service Remote Code Execution
CVE-2020-24219		IPTV H.264/H.265 video 路径遍历漏洞
CVE-2020-25643		Linux kernel 输入验证错误漏洞
CVE-1999-0199		GNU C Library和Library 安全漏洞
CVE-2020-26572		OpenSC 缓冲区错误漏洞
CVE-2020-26571		OpenSC 缓冲区错误漏洞
CVE-2020-26570		OpenSC 缓冲区错误漏洞
CVE-2020-25613		Ruby 环境问题漏洞
CVE-2020-24217		IPTV H.264/H.265 video 访问控制错误漏洞
CVE-2020-24218		IPTV H.264/H.265 video 信任管理问题漏洞
CVE-2020-24216		IPTV/H.264/H.265 video 默认配置问题漏洞
CVE-2020-25641		Linux kernel 安全漏洞
CVE-2020-15598		ModSecurity 安全漏洞
CVE-2020-7465		MPD 缓冲区错误漏洞
CVE-2020-7466		MPD 缓冲区错误漏洞
CVE-2020-8781		Sierra Wireless ALEOS 输入验证错误漏洞
CVE-2020-25743		QEMU 代码问题漏洞

Showing top 20 of 51 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: libvirt

Same vendor: n/a

Same weakness: CWE-415

V. Comments for CVE-2020-25637

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-25637

I. Basic Information for CVE-2020-25637

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-25637

III. Intelligence Information for CVE-2020-25637

Same Patch Batch · n/a · 2020-10-06 · 51 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-25637

Leave a comment