Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora 41: Xen Critical Multiple Vulnerabilities XSA-472 2025-643cc72c6f

fedora
Calendar Grey October 1, 2025
Dist Fedora Esm H88
Multiple vulnerabilities in Xen for Fedora 41 require immediate attention and updates. Ensure your systems are secure today.
Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-5814...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-58145]

Topics%20covered

Topics Covered

security advisory fedora critical DoS xen cve-2025-58143

Change Log

* Mon Sep 15 2025 Michael Young - 4.19.3-3 - Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] - Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-58145]

References


[ 1 ] Bug #2395131 - CVE-2025-58145 xen: Arm issues with page refcounting [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395131 [ 2 ] Bug #2395133 - CVE-2025-58144 xen: Arm issues with page refcounting [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395133 [ 3 ] Bug #2395157 - CVE-2025-58142 xen: NULL pointer dereference by assuming the SIM page is mapped when a synthetic timer message has to be delivered [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395157 [ 4 ] Bug #2395159 - CVE-2025-58143 xen: race condition when the mapping of the reference TSC page [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395159 [ 5 ] Bug #2395161 - CVE-2025-27466 xen: A NULL pointer dereference in the updating of the reference TSC area [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2395161

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-643cc72c6f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xen
Product: Fedora 41
Version: 4.19.3
Release: 3.fc41
URL: https://xenproject.org/
Summary: Xen is a virtual machine monitor

Topics%20covered

Topics Covered

security advisory fedora critical DoS xen cve-2025-58143

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here