CVE-2025-61553

Name of the Vulnerable Software and Affected Versions BitVisor versions commit 108df6 (2020-05-20) through commit 480907 (2025-07-06)

Description An out-of-bounds write in VirtIO network device emulation allows local attackers to cause a denial of service, potentially leading to a host hypervisor crash. Exploitation may enable arbitrary code execution or guest-to-host privilege escalation. The issue is a heap overflow occurring within a privileged hypervisor context, triggered by a crafted PCI configuration space access.

Recommendations Update BitVisor to a version after commit 480907 (2025-07-06).