SUSE: 2025:02315-1 Important Security Update for Xen DoS Vulnerability
suse
July 15, 2025
* bsc#1027519 * bsc#1238896 * bsc#1244644 * bsc#1246112 * jsc#PED-8907
Summary
## This update for xen fixes the following issues: * Update to Xen 4.20.1 * CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) * CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470)
Topics Covered
References
* bsc#1027519
* bsc#1238896
* bsc#1244644
* bsc#1246112
* jsc#PED-8907
Cross-
* CVE-2024-36350
* CVE-2024-36357
* CVE-2025-27465
CVSS scores:
* CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2025-27465 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-27465 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP7
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves three vulnerabilities, contains one feature and has one
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2025:02315-1
Release Date: 2025-07-15T12:59:14Z
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!