Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:3843-1

Опубликовано: 28 окт. 2025
Источник: suse-cvrf

Описание

Security update for xen

This update for xen fixes the following issues:

  • CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475)
  • CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)

Список пакетов

Image SLES15-SP4-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS-Aliyun
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-HPC-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Hardened-BYOS
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Hardened-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Hardened-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Hardened-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Micro-5-3-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Micro-5-3-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Micro-5-4-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-Micro-5-4-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-BYOS
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-BYOS
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAP-Hardened-GCE
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAPCAL
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAPCAL-Azure
xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAPCAL-EC2
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-SAPCAL-GCE
xen-libs-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise Micro 5.3
xen-libs-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise Micro 5.4
xen-libs-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise Server 15 SP4-LTSS
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
SUSE Manager Proxy LTS 4.3
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1
SUSE Manager Server LTS 4.3
xen-4.16.7_04-150400.4.75.1
xen-devel-4.16.7_04-150400.4.75.1
xen-libs-4.16.7_04-150400.4.75.1
xen-tools-4.16.7_04-150400.4.75.1
xen-tools-domU-4.16.7_04-150400.4.75.1
xen-tools-xendomains-wait-disk-4.16.7_04-150400.4.75.1

Ссылки

Описание

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference TSC area. This is CVE-2025-27466. 2. A NULL pointer dereference by assuming the SIM page is mapped when a synthetic timer message has to be delivered. This is CVE-2025-58142. 3. A race in the mapping of the reference TSC page, where a guest can get Xen to free a page while still present in the guest physical to machine (p2m) page tables. This is CVE-2025-58143.

Затронутые продукты
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.7_04-150400.4.75.1
Ссылки

Описание

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference TSC area. This is CVE-2025-27466. 2. A NULL pointer dereference by assuming the SIM page is mapped when a synthetic timer message has to be delivered. This is CVE-2025-58142. 3. A race in the mapping of the reference TSC page, where a guest can get Xen to free a page while still present in the guest physical to machine (p2m) page tables. This is CVE-2025-58143.

Затронутые продукты
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.7_04-150400.4.75.1
Ссылки

Описание

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference TSC area. This is CVE-2025-27466. 2. A NULL pointer dereference by assuming the SIM page is mapped when a synthetic timer message has to be delivered. This is CVE-2025-58142. 3. A race in the mapping of the reference TSC page, where a guest can get Xen to free a page while still present in the guest physical to machine (p2m) page tables. This is CVE-2025-58143.

Затронутые продукты
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.7_04-150400.4.75.1
Ссылки

Описание

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause out-of-bounds reads and writes while processing the inputs. * CVE-2025-58147. Hypercalls using the HV_VP_SET Sparse format can cause vpmask_set() to write out of bounds when converting the bitmap to Xen's format. * CVE-2025-58148. Hypercalls using any input format can cause send_ipi() to read d->vcpu[] out-of-bounds, and operate on a wild vCPU pointer.

Затронутые продукты
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.7_04-150400.4.75.1
Ссылки

Описание

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause out-of-bounds reads and writes while processing the inputs. * CVE-2025-58147. Hypercalls using the HV_VP_SET Sparse format can cause vpmask_set() to write out of bounds when converting the bitmap to Xen's format. * CVE-2025-58148. Hypercalls using any input format can cause send_ipi() to read d->vcpu[] out-of-bounds, and operate on a wild vCPU pointer.

Затронутые продукты
Image SLES15-SP4-BYOS-Azure:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-libs-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-EC2:xen-tools-domU-4.16.7_04-150400.4.75.1
Image SLES15-SP4-BYOS-GCE:xen-libs-4.16.7_04-150400.4.75.1
Ссылки
Уязвимость SUSE-SU-2025:3843-1