Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Fedora 42: Critical Xen Viridian Bugs Advisory FEDORA-2025-7a1f93f58a

fedora
Calendar Grey September 19, 2025
Dist Fedora Esm H88
Recent issues with Xen in Fedora prompt immediate updates to avert serious security threats. Take swift action to safeguard your systems.
Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-5814...

Summary

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

Update Information:

Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-58145]

Topics%20covered

Topics Covered

security advisory fedora critical remote access null pointer viridian

Change Log

* Mon Sep 15 2025 Michael Young - 4.19.3-4 - Mutiple vulnerabilities in the Viridian interface [XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143] - Arm issues with page refcounting [XSA-473, CVE-2025-58144, CVE-2025-58145]

References


[ 1 ] Bug #2395132 - CVE-2025-58145 xen: Arm issues with page refcounting [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395132 [ 2 ] Bug #2395134 - CVE-2025-58144 xen: Arm issues with page refcounting [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395134 [ 3 ] Bug #2395158 - CVE-2025-58142 xen: NULL pointer dereference by assuming the SIM page is mapped when a synthetic timer message has to be delivered [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395158 [ 4 ] Bug #2395160 - CVE-2025-58143 xen: race condition when the mapping of the reference TSC page [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395160 [ 5 ] Bug #2395162 - CVE-2025-27466 xen: A NULL pointer dereference in the updating of the reference TSC area [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2395162

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7a1f93f58a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xen
Product: Fedora 42
Version: 4.19.3
Release: 4.fc42
URL: https://xenproject.org/
Summary: Xen is a virtual machine monitor

Topics%20covered

Topics Covered

security advisory fedora critical remote access null pointer viridian

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here