Security update for xen

This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal od permissions on PCI device...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2025:4419-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4419-1 advisory. Update to Xen 4.20.2 jscPED-8907. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI devi...

CVE-2022-50615 perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990062 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoid possible crash when edev-pdev changes If a PCI device is removed during...

CVE-2025-58149 Incorrect removal of permissions on PCI device unplug

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

Fedora 43 : xen (2025-22fd93478b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-22fd93478b advisory. Incorrect removal of permissions on PCI device unplug XSA-476, CVE-2025-58149 ---- x86: Incorrect input sanitisation in Viridian hypercalls XSA-475,...

CVE-2023-53175

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix a crash in hvpcirestoremsimsg during hibernation When a Linux VM with an assigned PCI device runs on Hyper-V, if the PCI device driver is not loaded yet i.e. MSI-X/MSI is not enabled on the device yet, doing a VM...

CVE-2024-6657

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device...

SUSE CVE-2024-53232

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Implement blocking domain This fixes a crash when surprise hot-unplugging a PCI device. This crash happens because during hot-unplug iommugroupsetdomainnofail attaching the default domain fails when the platform no...

CVE-2024-6657

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device...

CVE-2024-6657 BLE peripheral DoS after few cycles of connect/disconnects

A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. A hard reset is required to recover the peripheral device...

CVE-2024-6657

CVE-2024-6657 affects Siemens Sentron Powercenter 1000/1100 BLE subsystem. A denial-of-service can occur in a BLE network when multiple central devices repeatedly connect/disconnect to a peripheral, with recovery requiring a hard reset. The DoS is linked to synchronization errors in the BLE compo...

PT-2024-9466 · Siemens · Sentron Powercenter 1000/1100

Name of the Vulnerable Software and Affected Versions: Sentron Powercenter 1000/1100 affected versions not specified Description: A denial of service issue may occur in a BLE network when multiple central devices continuously connect and disconnect to a peripheral device, requiring a hard reset t...

SUSE CVE-2024-26738

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pcicontroller When a PCI device is dynamically added, the kernel oopses with a NULL pointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030...

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

DEBIAN-CVE-2020-29567

An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If these conditions are not met when first checke...

Wacom Tablet Data Exfiltration Raises Security Concerns

The Wacom digital drawing tablet appears to be silently exfiltrating user data, according to an investigation by software engineer Robert Heaton – and the company responded on Friday, downplaying the report. However, security researchers say the tablets still pose a risk and a privacy problem...

Xen Denial of Service Vulnerability (CNVD-2019-34763)

Xen is an open source virtual machine monitor product. Xen suffers from a denial-of-service vulnerability that stems from a page-writable contention condition during the addition of a passed PCI device, which can be exploited by an x86 PV client OS attacker to cause a denial of service or gain...

Apple Patent Links Power Cord To Password Recovery

The filing, 20120005747A1, describes a method for storing a password recover secret on a peripheral device, including a power adapter. The development would, in essence, turn power cords and other peripherals into a second factor that would make it harder for thieves to gain access to devices the...