Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

openSUSE Leap 15.6 SUSE-2026-0306-3 Severely Affected by CVE-2025-58202

suse
Calendar Grey January 28, 2026
Dist Suse Esm H88
Moderate security update for openSUSE addressing buffer overrun and vCPU isolation issues with xen.
An update that solves two vulnerabilities can now be installed.

Summary

## This update for xen fixes the following issues: * CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing (XSA-477) (bsc#1256745) * CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation (XSA-479) (bsc#1256747)

References

* bsc#1256745

* bsc#1256747

Cross-

* CVE-2025-58150

* CVE-2026-23553

CVSS scores:

* CVE-2025-58150 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-58150 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

* CVE-2026-23553 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2026-23553 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2025-58150.html

* https://www.suse.com/security/cve/CVE-2026-23553.html

* https://bugzilla.suse.com/show_bug.cgi?id=1256745

* https://bugzilla.suse.com/show_bug.cgi?id=1256747

Announcement ID: SUSE-SU-2026:0306-1
Release Date: 2026-01-27T16:15:20Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here