CVE-2025-27465

Опубликовано: 16 июл. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

For replayed instructions where the flags recovery logic is used, the metadata for exception handling was incorrect, preventing Xen from handling the the exception gracefully, treating it as fatal instead.

Ссылки

https://xenbits.xenproject.org/xsa/advisory-470.html
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/07/01/1
Mailing List
Third Party Advisory
http://xenbits.xen.org/xsa/advisory-470.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*

Версия от 4.9.0 (включая)

EPSS

Процентиль: 42%

0.00554

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-755

Связанные уязвимости

CVE-2025-27465

CVSS3: 4.3

ubuntu

11 месяцев назад

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up and recover the changes to the arithmetic flags. For replayed instructions where the flags recovery logic is used, the metadata for exception handling was incorrect, preventing Xen from handling the the exception gracefully, treating it as fatal instead.

CVE-2025-27465

CVSS3: 4.3

debian

11 месяцев назад

Certain instructions need intercepting and emulating by Xen. In some ...

SUSE-SU-2025:02471-1

suse-cvrf

11 месяцев назад

Security update for xen

GHSA-2vp3-crwq-3fg5

CVSS3: 6.5

github

11 месяцев назад

BDU:2025-12579

CVSS3: 6.5

fstec

12 месяцев назад

Уязвимость гипервизора Xen, связанная с некорректной зачисткой или освобождением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 42%

0.00554

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-755