Количество 7
Количество 7
CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m.
CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m.
CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remo ...
SUSE-SU-2025:4419-1
Security update for xen
GHSA-38qg-7h9q-7h29
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m.
SUSE-SU-2026:0328-1
Security update for xen
SUSE-SU-2026:0012-1
Security update for xen
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-58149 When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-58149 When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-58149 When passing through PCI devices, the detach logic in libxl won't remo ... | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2025:4419-1 Security update for xen | 0% Низкий | около 2 месяцев назад | |
| GHSA-38qg-7h9q-7h29 When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| SUSE-SU-2026:0328-1 Security update for xen | 12 дней назад | ||
| SUSE-SU-2026:0012-1 Security update for xen | около 1 месяца назад |
Уязвимостей на страницу