3 matches found
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them bsc1252692. Other issues fixed: Several upstream bug fixes...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.20.2 jscPED-8907. Security issues fixed: CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it XSA-476, bsc1252692. Other issues fixed: Failure to...
CVE-2025-58149
CVE-2025-58149 affects the Xen hypervisor. The detach logic for PCI devices fails to remove access permissions to 64‑bit memory BARs when a device is unplugged, allowing PV guests to access memory of devices no longer assigned to them (HVM implications noted with required compromised device model...