SUSE SLES15 Security Update : xen (SUSE-SU-2026:2328-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2328-1 advisory. - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. -...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodation for VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: The user process sets up a gntdev mapping consisting of...

Astra Linux - уязвимость в linux, linux-5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

x86: CPU Opcode Cache corruption

ISSUE DESCRIPTION AMD have disclosed a potential vulnerability in certain CPUs which can cause instructions to execute at a higher privilege. For more information, see: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7052.html IMPACT Code of any privilege could escalate to a...

Astra Linux - уязвимость в linux

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the event-handling loop a race condition. This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing the DMACR register The chapter “B Generic UART” in “ARM Server Base System Architecture” 1 describes a generic UART interface. Such a generic UART does not support DMA. In current cod...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

Transmitted requests in Xen’s virtual network protocol can consist of multiple parts. Although none of them are actually useful, except for the initial part, any of these parts can be of zero length, meaning they carry no data at all. Apart from the certain initial portion of the data to be...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013857)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013857 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing DMACR register Chapter B Generic UART in ARM Server...

CVE-2026-23554

A flaw was found in Xen. An optimization in the Intel Extended Page Table EPT paging code, used by Xen, defers flushing cached EPT state. However, the freeing of paging structures is not similarly deferred. This can result in freed memory pages remaining in the cached state, allowing stale entrie...

CVE-2026-23553 x86: incomplete IBPB for vCPU isolation

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553 x86: incomplete IBPB for vCPU isolation

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

MiracleLinux 7 : kernel-3.10.0-327.3.1.el7 (AXSA:2015-969:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-969:06 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004306)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004306 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004227 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004162 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001333 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/eventsbase.c allows event-channel removal during the...

MiracleLinux 3 : kernel-2.6.18-348.5.AXS3 (AXSA:2013-550:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-550:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000608 advisory. The switchto function in arch/x86/kernel/process64.c in the Linux kernel does not properly context- switch IOPL on 64-bit PV Xen guests, which allows local guest OS...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001013 advisory. The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users...