Vulners
Lucene search
Citrix XenServer DOS (XSA-470)
| Reporter | Title | Published | Views | Family All 65 |
|---|---|---|---|---|
 | CVE-2025-27465 | 1 Jul 202510:03 | – | circl |
 | Xen 安全漏洞 | 16 Jul 202500:00 | – | cnnvd |
 | XenServer Security Update for CVE-2025-27465 | 2 Jul 202512:24 | – | citrix |
 | CVE-2025-27465 | 16 Jul 202509:08 | – | cve |
 | CVE-2025-27465 x86: Incorrect stubs exception handling for flags recovery | 16 Jul 202509:08 | – | cvelist |
 | [SECURITY] [DSA 6068-1] xen security update | 2 Dec 202521:58 | – | debian |
 | CVE-2025-27465 | 16 Jul 202509:08 | – | debiancve |
 | Debian dsa-6068 : libxen-dev - security update | 2 Dec 202500:00 | – | nessus |
| Fedora 41 : xen (2025-d2a821d9d1) | 9 Aug 202500:00 | – | nessus |
| Fedora 42 : xen (2025-ddaa63a0f5) | 7 Aug 202500:00 | – | nessus |
10
#%NASL_MIN_LEVEL 80900
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(241980);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/30");
script_cve_id("CVE-2025-27465");
script_xref(name:"IAVB", value:"2025-B-0113-S");
script_name(english:"Citrix XenServer DOS (XSA-470)");
script_set_attribute(attribute:"synopsis", value:
"The remote Xen hypervisor installation is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by
a DoS vulnerability where An unprivileged guest can cause a hypervisor crash, causing a Denial of
Service (DoS) of the entire host.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://lists.xen.org/archives/html/xen-devel/2025-07/msg00027.html");
script_set_attribute(attribute:"see_also", value:"https://xenbits.xen.org/xsa/advisory-470.html");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate hotfix according to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-27465");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/07/01");
script_set_attribute(attribute:"patch_publication_date", value:"2025/07/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/07/11");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:citrix:xenserver");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("xen_server_detect.nbin");
script_require_keys("installed_sw/Xen Hypervisor", "Settings/ParanoidReport");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
var app = 'Xen Hypervisor';
var app_info = vcf::xen_hypervisor::get_app_info(app:app);
if (report_paranoia < 2) audit(AUDIT_PARANOID);
var fixes;
var version = app_info['version'];
# there are versions that are vulnerable and seem to be EOL so they will not have the fix patch ever
# ie 4.9 had its last commit in 2020 yet advisory states it is vulnerable.
var greater_than_equal_to_first_vuln_version = ver_compare(ver:version, fix:'4.9', strict:false) >= 0;
var less_than_first_patch_version = ver_compare(ver:version, fix:'4.17', strict:false) < 0;
if (greater_than_equal_to_first_vuln_version && less_than_first_patch_version)
{
vcf::report_results(
app_info: app_info,
fix: 'See vendor advisory',
severity: SECURITY_HOLE
);
}
fixes['4.17']['fixed_ver'] = '4.17.5';
fixes['4.17']['fixed_ver_display'] = '4.17.5 (changeset 90b79a5)';
fixes['4.17']['affected_ver_regex'] = "^4\.17([^0-9]|$)";
fixes['4.17']['affected_changesets'] = make_list('015a7e3', '3c31a87',
'ddc5c1e', '1d4361b', 'ebf61f7', '15bb4cc', '2aa9922', 'd109962',
'd6654c6', 'b6eb793', 'f370d37', '2f5d4a0', '574e42e', 'a4e5191',
'1db4f1a', '9629661', 'f65f18e', '9a6bd1e', '72064cf', '4ae329d',
'0604496', 'd9606f9', '8d13862', 'f277875', '9cf7d9c', '78b984d',
'8d75f6a', '0824ba9', '8ca06b7', 'f56bf7e', '3ef9196', '1db6ce3',
'265aa7f', 'b72f32e', '9f6e015', 'd772df5', '430ce6c');
fixes['4.18']['fixed_ver'] = '4.18.5';
fixes['4.18']['fixed_ver_display'] = '4.18.5 (changeset 438bb12)';
fixes['4.18']['affected_ver_regex'] = "^4\.18([^0-9]|$)";
fixes['4.18']['affected_changesets'] = make_list('0b8f769');
fixes['4.19']['fixed_ver'] = '4.19.3';
fixes['4.19']['fixed_ver_display'] = '4.19.3-pre (changeset f830240)';
fixes['4.19']['affected_ver_regex'] = "^4\.19([^0-9]|$)";
fixes['4.19']['affected_changesets'] = make_list('4d6ddd3', '2b82a9d',
'81ffb56', 'e02b039', 'ee8ae3a', 'a24e1cd', 'ded4587', 'a71c40d',
'bcdb61a', '43aeacf', 'e9e2f32', '4876425', '2b92925', 'f33ff85',
'294bea9', '2713598', '58ab9fc', '2071948', '556ca37', '545eba2',
'4da237f', '246ed39', 'cdb61d7', '554fb24', 'cf8ff53', 'c993d8e',
'62cba67', 'cada2a8', '3e24eef', '57112bb', '7ac34d1', '24e4156',
'7e23b4e', '3cde61a', '694015c', 'd0e99ff', 'e3d6333', '19cc949',
'45f8d17', 'aa53633', 'bf87515', 'c7dbcda', 'd80a13f', 'b41df85',
'eb2b48f', '888631e', '3078218', '62890a1', '6831007', '7efd283',
'cd0fa83', '0f74a33', 'e2adda1', '9466bb1', '7ffef37', 'c7e5683',
'593c437', '3450fe0', '7abb230', '3721c34', 'f6b3786', 'ae562be', '7d82789');
fixes['4.20']['fixed_ver'] = '4.20.1';
fixes['4.20']['fixed_ver_display'] = '4.20.1-pre (changeset 9e1309b)';
fixes['4.20']['affected_ver_regex'] = "^4\.20([^0-9]|$)";
fixes['4.20']['affected_changesets'] = make_list('2f80f30', 'fd64f59',
'110bc6e', '0cd774e', '60f6137', 'ed3bf0a', '5919917', 'a60e953',
'ddec007', '612cfd7', 'ee150f5', 'f938c08', 'b1eeea4', '6850616',
'd58800f', '45056fe', 'b9e8204', 'cda26ae', 'c6a2b5e', 'f81f443',
'5992d3a', 'cf81888', '47d911f', '690655a', '0258350', '69a629b',
'1532272', '7f26cba', '20212a3', 'fd7218e', '16b30e0', '563af59',
'17bad69', 'a70222e', '18d59a6', 'e9978d0', '87ab3ad', '052e7f5',
'23f7c83', '78317ae', '17c6958', 'd747ca0', '0ab5bed', 'a30bb23',
'd6a11ac', '59be07b', '2b430f8', '5689997', 'b0a94e3', 'f2603e2',
'd4e5f8c', '56badca', '35cb38b', 'f1e8b37', 'a05e481', 'fc07876',
'7d9bbb8', '23a0299', 'ade8230', 'dee15fa', '6b399ed', 'f1dd955',
'f01a09d', '1a8df82', '2bd2c08', 'e0d9137', '5b5a11c', 'da24dcc',
'ad82c8c', 'ad569a4', '41d65b3', '95d726d', 'c413eff', 'e071b23',
'dd81219', 'fdbb32a', 'e6816c3', 'cfa5bc6', '81189d7', '0b37231',
'44407a9', '0a84ef2', '8f94c1e', '2599ee0', '3ccbe66', 'b1bbf20',
'64f9c54', 'ad063b0', 'a2cf6f9', '52c99f4', '108fcc6', 'f14c523',
'990a3d8', 'a1f8f1e', 'fcbd016', '92afeb2', '859e2c4', 'de440d0',
'da36efa', 'fbb06cf', '8c788b4', 'c607822', 'c1badde', '97f064d',
'4089358', 'b29984d', '80cbb29', 'f2ddbeb', '1ddf72b', '94928e4',
'74b40fe', 'f581b36', '4a480e7', '70038e8', 'bc3006b', 'a1a5bd4',
'1d8d575', 'b5ade8e', '48f0131', '9d46565');
vcf::xen_hypervisor::check_version_and_report(app_info:app_info, fixes:fixes, severity:SECURITY_HOLE);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 Apr 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.14.3
EPSS0.00339
SSVC