Описание
Security update for xen
This update for xen fixes the following issue
- CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264066).
Список пакетов
Image SLES15-SP7-Azure-3P
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Basic
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Standard
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-Aliyun
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-GDC
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-CHOST-BYOS-SAP-CCloud
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-EC2-ECS-HVM
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-GCE-3P
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-HPC-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-HPC-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-HPC-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-HPC-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Hardened-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Hardened-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Hardened-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Azure-3P
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-GCE-3P
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Hardened-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Hardened-BYOS-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Hardened-BYOS-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Hardened-BYOS-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAP-Hardened-GCE
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAPCAL-Azure
xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAPCAL-EC2
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
Image SLES15-SP7-SAPCAL-GCE
xen-libs-4.20.3_04-150700.3.36.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
xen-libs-4.20.3_04-150700.3.36.1
xen-tools-domU-4.20.3_04-150700.3.36.1
SUSE Linux Enterprise Module for Server Applications 15 SP7
xen-4.20.3_04-150700.3.36.1
xen-devel-4.20.3_04-150700.3.36.1
xen-tools-4.20.3_04-150700.3.36.1
xen-tools-xendomains-wait-disk-4.20.3_04-150700.3.36.1
Ссылки
- Link for SUSE-SU-2026:1998-1
- E-Mail link for SUSE-SU-2026:1998-1
- SUSE Security Ratings
- SUSE Bug 1262178
- SUSE Bug 1262180
- SUSE Bug 1264066
- SUSE CVE CVE-2025-54518 page
- SUSE CVE CVE-2026-23557 page
- SUSE CVE CVE-2026-23558 page
Описание
Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.
Затронутые продукты
Image SLES15-SP7-Azure-3P:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Basic:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Standard:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-Azure:xen-libs-4.20.3_04-150700.3.36.1
Ссылки
- CVE-2025-54518
- SUSE Bug 1264013
- SUSE Bug 1264066
- SUSE Bug 1264096
Описание
Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will happen, as assert() is doing nothing in this case. Note that the default is not to define NDEBUG for xenstored builds even in release builds of Xen.
Затронутые продукты
Image SLES15-SP7-Azure-3P:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Basic:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Standard:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-Azure:xen-libs-4.20.3_04-150700.3.36.1
Ссылки
- CVE-2026-23557
- SUSE Bug 1262178
Описание
The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status page(s) via XENMEM_add_to_physmap. Some of the status pages may then be freed while mappings of them would still be inserted into the guest's secondary (P2M) page tables.
Затронутые продукты
Image SLES15-SP7-Azure-3P:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Basic:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-Azure-Standard:xen-libs-4.20.3_04-150700.3.36.1
Image SLES15-SP7-BYOS-Azure:xen-libs-4.20.3_04-150700.3.36.1
Ссылки
- CVE-2026-23558
- SUSE Bug 1262180