Mageia 9: xen Critical Security Fix for Multiple CVE 2025-0270

mageia

November 9, 2025

MGASA-2025-0270 - Updated xen packages fix security vulnerabilities

Summary

Description: Double unlock in x86 guest IRQ handling. (CVE-2024-31143) Xapi: Metadata injection attack against backup/restore functionality. (CVE-2024-31144) Error handling in x86 IOMMU identity mapping. (CVE-2024-31145) PCI device pass-through with shared resources. (CVE-2024-31146) x86: Deadlock in vlapic_error(). (CVE-2024-45817) Deadlock in x86 HVM standard VGA handling. (CVE-2024-45818) libxl leaks data to PVH guests via ACPI tables. (CVE-2024-45819) Backend can crash Linux netfront. (CVE-2024-53240) Xen hypercall page unsafe against speculative attacks. (CVE-2024-53241) Deadlock potential with VT-d and legacy PCI device pass-through. (CVE-2025-1713) x86: Indirect Target Selection. (CVE-2024-28956) x86: Incorrect stubs exception handling for flags recovery. (CVE-2025-27465) TSA-SQ (TSA in the Store Queues). (CVE-2024-36350) TSA-L1 (TSA in the L1 data cache). (CVE-2024-36357) A NULL pointer dereference in the updating of the reference TSC area. (CVE-2025-27466) A NULL pointer de...

References

- https://bugs.mageia.org/show_bug.cgi?id=33401

- https://www.openwall.com/lists/oss-security/2024/07/16/3

- https://www.openwall.com/lists/oss-security/2024/07/16/4

- https://www.openwall.com/lists/oss-security/2024/08/14/2

- https://www.openwall.com/lists/oss-security/2024/08/14/3

- https://www.openwall.com/lists/oss-security/2024/09/24/1

- https://www.openwall.com/lists/oss-security/2024/11/12/2

- https://www.openwall.com/lists/oss-security/2024/11/12/1

- https://www.openwall.com/lists/oss-security/2024/12/17/1

- https://www.openwall.com/lists/oss-security/2024/12/17/2

- https://www.openwall.com/lists/oss-security/2025/02/27/1

- https://www.openwall.com/lists/oss-security/2025/05/12/4

- https://www.openwall.com/lists/oss-security/2025/05/12/5

- https://www.openwall.com/lists/oss-security/2025/05/27/1

- https://www.openwall.com/lists/oss-security/2025/07/01/1

- https://www.openwall.com/lists/oss-security/2025/07/08/2

- https://www.openwall.com/lists/oss-security/2025/08/28/2

- https://www.openwall.com/lists/oss-security/2025/09/09/1

- https://www.openwall.com/lists/oss-security/2025/09/09/2

- https://www.openwall.com/lists/oss-security/2025/09/09/3

- https://www.openwall.com/lists/oss-security/2025/10/21/1

- https://www.openwall.com/lists/oss-security/2025/10/24/1

- https://www.openwall.com/lists/oss-security/2025/11/05/4

- https://www.cve.org/CVERecord?id=CVE-2024-31143

- https://www.cve.org/CVERecord?id=CVE-2024-31144

- https://www.cve.org/CVERecord?id=CVE-2024-31145

- https://www.cve.org/CVERecord?id=CVE-2024-31146

- https://www.cve.org/CVERecord?id=CVE-2024-45817

- https://www.cve.org/CVERecord?id=CVE-2024-45818

- https://www.cve.org/CVERecord?id=CVE-2024-45819

- https://www.cve.org/CVERecord?id=CVE-2024-53240

- https://www.cve.org/CVERecord?id=CVE-2024-53241

- https://www.cve.org/CVERecord?id=CVE-2025-1713

- https://www.cve.org/CVERecord?id=CVE-2024-28956

- https://www.cve.org/CVERecord?id=CVE-2025-27462

- https://www.cve.org/CVERecord?id=CVE-2025-27463

- https://www.cve.org/CVERecord?id=CVE-2025-27464

- https://www.cve.org/CVERecord?id=CVE-2025-27465

- https://www.cve.org/CVERecord?id=CVE-2024-36350

- https://www.cve.org/CVERecord?id=CVE-2024-36357

Topics Covered

security advisory denial of service critical xen CVE Mageia

Resolution

SRPMS

- 9/core/xen-4.17.5-1.git20251028.1.mga9

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 09 Nov 2025

URL: https://advisories.mageia.org/MGASA-2025-0270.html

Type: security

CVE: CVE-2024-31143, CVE-2024-31144, CVE-2024-31145, CVE-2024-31146, CVE-2024-45817, CVE-2024-45818, CVE-2024-45819, CVE-2024-53240, CVE-2024-53241, CVE-2025-1713, CVE-2024-28956, CVE-2025-27462, CVE-2025-27463, CVE-2025-27464, CVE-2025-27465, CVE-2024-36350, CVE-2024-36357

Topics Covered

security advisory denial of service critical xen CVE Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9: xen Critical Security Fix for Multiple CVE 2025-0270

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9: xen Critical Security Fix for Multiple CVE 2025-0270

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!