Home > Vulnerability Database > CVE-2025-58354

Mend.io Vulnerability Database

CVE-2025-58354

Good to know:

Date: September 23, 2025

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, a malicious host can selectively fail IO operations to skip initdata verification. This allows an attacker to launch arbitrary workloads while being able to attest successfully to Trustee impersonating any benign workload. This issue has been patched in Kata Containers version 3.21.0.

Severity Score

5.3

Related Resources (4)

Url: https://github.com/kata-containers/kata-containers/security/advisories/GHSA-989w-4xr2-ww9m

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-58354

Url: https://github.com/kata-containers/kata-containers/commit/3e67f92e34be974e792c153add76e4e4baac9de0

Url: https://www.mend.io/vulnerability-database/CVE-2025-58354

Severity Score

5.3

Weakness Type (CWE)

Improper Check for Unusual or Exceptional Conditions

CWE-754

Top Fix

Upgrade Version

Upgrade to version https://github.com/kata-containers/kata-containers.git - 3.21.0

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-58354

Good to know:

Date: September 23, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?