[SECURITY] Fedora 44 Update: xen-4.21.1-3.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 43 Update: xen-4.20.3-3.fc43

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in the .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the “startupxen” entry point. This information is used before booting...

Astra Linux - уязвимость в xen

Inappropriate x86 IOMMU timeout detection/handling: IOMMU processes commands that are issued in parallel with the operation of the CPUs that issue those commands. In the current implementation in Xen, asynchronous notifications of the completion of such commands are not used. Instead, the issuing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timers only once A check for existing xen timers was added before initializing a new timer. Currently, the kvmxeninittimer function is called every time KVMXENVCPUATTRTYPETIMER is used; this causes an...

EUVD-2026-30928

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status pages via XENMEMaddtophysmap. Some of the status pages may then be freed while...

USN-8275-1 linux-xilinx-zynqmp vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

Xen 竞争条件问题漏洞

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has a race condition vulnerability,...

[SECURITY] Fedora 42 Update: xen-4.19.5-2.fc42

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

USN-8180-6 linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

SUSE-SU-2026:1743-1 Security update for xen

This update for xen fixes the following issues: - Update to Xen 4.20.3 bug fix release bsc1027519 jscPED-8907. - CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. - CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. - CVE-2026-23558: grant...

CVE-2026-43249

The CVE-2026-43249 entry describes a race in the Linux kernel 9p/xen frontend: xenwatch and backend change notifications can concurrently call xen_9pfs_front_free, causing a double-free and a general protection fault. The fixes guard the teardown path so only a single caller releases the front-en...

[SECURITY] Fedora 44 Update: xen-4.21.1-2.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2026-31786

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

[SECURITY] Fedora 43 Update: xen-4.20.3-2.fc43

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

ALPINE-CVE-2026-31786

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildidshow will read and copy ti...

CVE-2026-31786

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildidshow will read and copy ti...

CVE-2026-31786

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildidshow will read and copy ti...