An update that solves three vulnerabilities can now be installed.

# Security update for xen

Announcement ID: SUSE-SU-2026:1657-1
Release Date: 2026-04-29T11:06:54Z
Rating: important

References:

* bsc#1262178
* bsc#1262180
* bsc#1262428

Cross-References:

* CVE-2025-54505
* CVE-2026-23557
* CVE-2026-23558

CVSS scores:

* CVE-2025-54505 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2025-54505 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-54505 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23557 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2026-23558 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23558 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

## Description:

This update for xen fixes the following issues:

* CVE-2025-54505: floating point divider state sampling on AMD CPUs (AMD-SN-7053) (bsc#1262428).
* CVE-2026-23557: Xenstored DoS via XS_RESET_WATCHES command (bsc#1262178).
* CVE-2026-23558: grant table v2 race in status page mapping (bsc#1262180).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1657=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1657=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1657=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1657=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1657=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1657=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64 i586)
  * xen-debugsource-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-tools-domU-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-domU-4.17.6_08-150500.3.65.1
  * xen-devel-4.17.6_08-150500.3.65.1
* openSUSE Leap 15.5 (x86_64)
  * xen-libs-32bit-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-32bit-4.17.6_08-150500.3.65.1
* openSUSE Leap 15.5 (aarch64 x86_64)
  * xen-doc-html-4.17.6_08-150500.3.65.1
  * xen-4.17.6_08-150500.3.65.1
  * xen-tools-4.17.6_08-150500.3.65.1
  * xen-tools-debuginfo-4.17.6_08-150500.3.65.1
* openSUSE Leap 15.5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_08-150500.3.65.1
* openSUSE Leap 15.5 (aarch64_ilp32)
  * xen-libs-64bit-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-64bit-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-debugsource-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
  * xen-debugsource-4.17.6_08-150500.3.65.1
  * xen-tools-4.17.6_08-150500.3.65.1
  * xen-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-tools-domU-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-domU-4.17.6_08-150500.3.65.1
  * xen-devel-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
  * xen-debugsource-4.17.6_08-150500.3.65.1
  * xen-tools-4.17.6_08-150500.3.65.1
  * xen-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-tools-domU-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-domU-4.17.6_08-150500.3.65.1
  * xen-devel-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
  * xen-debugsource-4.17.6_08-150500.3.65.1
  * xen-tools-4.17.6_08-150500.3.65.1
  * xen-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-tools-domU-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-domU-4.17.6_08-150500.3.65.1
  * xen-devel-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
  * xen-debugsource-4.17.6_08-150500.3.65.1
  * xen-tools-4.17.6_08-150500.3.65.1
  * xen-4.17.6_08-150500.3.65.1
  * xen-libs-4.17.6_08-150500.3.65.1
  * xen-tools-domU-debuginfo-4.17.6_08-150500.3.65.1
  * xen-libs-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-debuginfo-4.17.6_08-150500.3.65.1
  * xen-tools-domU-4.17.6_08-150500.3.65.1
  * xen-devel-4.17.6_08-150500.3.65.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * xen-tools-xendomains-wait-disk-4.17.6_08-150500.3.65.1

## References:

* https://www.suse.com/security/cve/CVE-2025-54505.html
* https://www.suse.com/security/cve/CVE-2026-23557.html
* https://www.suse.com/security/cve/CVE-2026-23558.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262178
* https://bugzilla.suse.com/show_bug.cgi?id=1262180
* https://bugzilla.suse.com/show_bug.cgi?id=1262428

This SUSE update, rated important, addresses three vulnerabilities in the Xen hypervisor, including a xenstored denial of service and a grant table race. Install it promptly, and reboot afterwards as the advisory instructs: the hypervisor package only takes effect once the new hypervisor is booted.

Severity: Important
LinuxSecurity.com Team
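The advisory asks for a reboot after installation, and a fleet check that only looks at `rpm -q xen` will report a host as patched while the old hypervisor is still running. The following is an added example, not SUSE tooling: it compares installed version-release strings against the fixed build from the package list above, and flags a pending reboot when the `xen` package was installed after the kernel's boot time (`btime` in `/proc/stat`). The `rpm --qf` tags used are real, the version comparison is a simplified re-implementation of rpmvercmp (no tilde/caret handling, which this version string does not need), and the `rpm` and `/proc/stat` samples embedded below are constructed for the example.

```python
"""Added example (not SUSE tooling): decide, from `rpm -q` output and the
kernel boot time, whether a SUSE 15 SP5 host carries the fixed xen build from
SUSE-SU-2026:1657-1 and whether the running hypervisor still predates it.
Sample inputs below are constructed, not captured from a real host."""
import re
import subprocess

# version-release of the fixed build, taken from the advisory's package list
FIXED = "4.17.6_08-150500.3.65.1"
# packages to check; "xen" is the hypervisor itself, which only takes effect
# after a reboot (hence the advisory's "please reboot" note)
PACKAGES = ("xen", "xen-libs", "xen-tools")

# Constructed sample of:
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE} %{INSTALLTIME}\n' xen xen-libs xen-tools
SAMPLE_RPM = """\
xen 4.17.6_08-150500.3.65.1 1777500000
xen-libs 4.17.6_08-150500.3.65.1 1777500000
xen-tools 4.17.6_06-150500.3.62.1 1750000000
"""
# Constructed sample of /proc/stat; only the btime line (boot time, epoch seconds) matters
SAMPLE_PROC_STAT = "cpu  1 2 3 4 5 6 7 0 0 0\nbtime 1777400000\nprocesses 12345\n"


def _segments(v):
    # rpmvercmp-style tokenisation: runs of digits or letters; '.', '_', '-' only separate
    return re.findall(r"\d+|[A-Za-z]+", v)


def rpm_vercmp(a, b):
    """Compare two version-release strings like rpmvercmp (tilde/caret not handled).
    Returns -1 if a < b, 0 if equal, 1 if a > b."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):            # numeric segments compare as integers
                return 1 if int(x) > int(y) else -1
        elif x.isdigit():
            return 1                        # numeric beats alphabetic in rpmvercmp
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1       # alphabetic segments compare lexically
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1   # the string with segments left over is newer


def parse_rpm(output):
    """Map package name -> (version-release, install time) from the rpm query format above.
    Lines such as 'package xen is not installed' do not match and are skipped."""
    info = {}
    for line in output.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[2].isdigit():
            info[parts[0]] = (parts[1], int(parts[2]))
    return info


def boot_time(proc_stat):
    """Boot time (epoch seconds) from the 'btime' line of /proc/stat."""
    m = re.search(r"^btime\s+(\d+)$", proc_stat, re.M)
    if not m:
        raise ValueError("no btime line in /proc/stat output")
    return int(m.group(1))


def assess(rpm_output, proc_stat, fixed=FIXED, packages=PACKAGES):
    """Report which packages are at or after the fixed build, which are absent, and
    whether the hypervisor package was installed after the last boot (old hypervisor
    still running, reboot pending)."""
    info = parse_rpm(rpm_output)
    btime = boot_time(proc_stat)
    patched = {p: rpm_vercmp(info[p][0], fixed) >= 0 for p in packages if p in info}
    missing = [p for p in packages if p not in info]
    reboot_needed = "xen" in info and info["xen"][1] > btime
    return {"patched": patched, "missing": missing, "reboot_needed": reboot_needed}


def assess_sample():
    """Run the check on the constructed sample data (works offline)."""
    return assess(SAMPLE_RPM, SAMPLE_PROC_STAT)


def assess_live():
    """Run the real commands on a SUSE host (needs rpm and a Linux /proc)."""
    out = subprocess.run(
        ["rpm", "-q", "--qf", "%{NAME} %{VERSION}-%{RELEASE} %{INSTALLTIME}\n", *PACKAGES],
        capture_output=True, text=True, check=False).stdout
    with open("/proc/stat") as f:
        return assess(out, f.read())


if __name__ == "__main__":
    print(assess_sample())
```

On the sample data the result is `xen` and `xen-libs` patched, `xen-tools` still at an older build, and `reboot_needed` true because the `xen` package's install time is later than the boot time. The install-time heuristic is deliberately conservative: it cannot tell whether the host was rebooted into an even older build and then updated twice, so treat it as "reboot pending" rather than "hypervisor confirmed current", and confirm the latter from `xl info` on the rebooted host.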
IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537); grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520); long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526); inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699].

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-4f129cc0c1
2021-09-05 21:26:52.079108
--------------------------------------------------------------------------------
Name        : xen
Product     : Fedora 33
Version     : 4.14.2
Release     : 3.fc33
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to
manage virtual machines running under the Xen hypervisor
--------------------------------------------------------------------------------
Update Information:

IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537)
grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520)
long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526)
inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523)
xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527)
grub x86_64-efi modules now go into /boot/grub2
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 28 2021 Michael Young - 4.14.2-3
- IOMMU page mapping issues on x86 [XSA-378, CVE-2021-28694, CVE-2021-28695, CVE-2021-28696] (#1997531) (#1997568) (#1997537)
- grant table v2 status pages may remain accessible after de-allocation [XSA-379, CVE-2021-28697] (#1997520)
- long running loops in grant table handling [XSA-380, CVE-2021-28698] (#1997526)
- inadequate grant-v2 status frames array bounds check [XSA-382, CVE-2021-28699] (#1997523)
- xen/arm: No memory limit for dom0less domUs [XSA-383, CVE-2021-28700] (#1997527)
- grub x86_64-efi modules now go into /boot/grub2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1997519 - CVE-2021-28697 xen: malicious guest may be able to elevate its privileges leads to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1997519
  [ 2 ] Bug #1997522 - CVE-2021-28699 xen: malicious guest kernel leads to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1997522
  [ 3 ] Bug #1997524 - CVE-2021-28698 xen: malicious kernels lead to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1997524
  [ 4 ] Bug #1997525 - CVE-2021-28700 xen: malicious dom0less guest could drive Xen out of memory and leads to DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=1997525
  [ 5 ] Bug #1997529 - CVE-2021-28694 xen: failed to prevent guests from undoing/replacing such mappings
        https://bugzilla.redhat.com/show_bug.cgi?id=1997529
  [ 6 ] Bug #1997535 - CVE-2021-28696 xen: physical device from a guest allowing to access memory
        https://bugzilla.redhat.com/show_bug.cgi?id=1997535
  [ 7 ] Bug #1997567 - CVE-2021-28695 xen: discontinuous range is specified by firmware leads to vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1997567
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-4f129cc0c1' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
pin count / page reference race in grant table code [XSA-236, CVE-2017-15597].

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-c4aa57d753
2017-11-15 21:26:26.921165
--------------------------------------------------------------------------------
Name        : xen
Product     : Fedora 25
Version     : 4.7.3
Release     : 8.fc25
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to
manage virtual machines running under the Xen hypervisor
--------------------------------------------------------------------------------
Update Information:

pin count / page reference race in grant table code [XSA-236, CVE-2017-15597]
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1499815 - CVE-2017-15597 xsa236 xen: pin count / page reference race in grant table code (XSA-236)
        https://bugzilla.redhat.com/show_bug.cgi?id=1499815
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade xen' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
pin count / page reference race in grant table code [XSA-236, CVE-2017-15597].

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-009bc68243
2017-11-15 19:03:16.423093
--------------------------------------------------------------------------------
Name        : xen
Product     : Fedora 26
Version     : 4.8.2
Release     : 5.fc26
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to
manage virtual machines running under the Xen hypervisor
--------------------------------------------------------------------------------
Update Information:

pin count / page reference race in grant table code [XSA-236, CVE-2017-15597]
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1499815 - CVE-2017-15597 xsa236 xen: pin count / page reference race in grant table code (XSA-236)
        https://bugzilla.redhat.com/show_bug.cgi?id=1499815
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade xen' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
xen: various flaws (#1463247): blkif responses leak backend stack data [XSA-216]; page transfer may allow PV guest to elevate privilege [XSA-217]; races in the grant table unmap code [XSA-218]; x86: insufficient reference counts during shadow emulation [XSA-219]; x86: PKRU and BND* leakage between vCPU-s [XSA-220]; stale P2M mappings due to insufficient error checking [XSA-222]; ARM guest.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-b3bdaf58bc
2017-07-01 21:00:30.997417
--------------------------------------------------------------------------------
Name        : xen
Product     : Fedora 24
Version     : 4.6.5
Release     : 7.fc24
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to
manage virtual machines running under the Xen hypervisor
--------------------------------------------------------------------------------
Update Information:

xen: various flaws (#1463247)
blkif responses leak backend stack data [XSA-216]
page transfer may allow PV guest to elevate privilege [XSA-217]
Races in the grant table unmap code [XSA-218]
x86: insufficient reference counts during shadow emulation [XSA-219]
x86: PKRU and BND* leakage between vCPU-s [XSA-220]
stale P2M mappings due to insufficient error checking [XSA-222]
ARM guest disabling interrupt may crash Xen [XSA-223]
grant table operations mishandle reference counts [XSA-224]
arm: vgic: Out-of-bound access when sending SGIs [XSA-225]
NULL pointer deref in event channel poll [XSA-221] (#1463231)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1458870 - xsa216 xen: blkif responses leak backend stack data (XSA-216)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458870
  [ 2 ] Bug #1458871 - xsa217 xen: page transfer may allow PV guest to elevate privilege (XSA-217)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458871
  [ 3 ] Bug #1458872 - xsa218 xen: Races in the grant table unmap code (XSA-218)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458872
  [ 4 ] Bug #1458873 - xsa219 xen: x86: insufficient reference counts during shadow emulation (XSA-219)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458873
  [ 5 ] Bug #1458874 - xsa220 xen: x86: PKRU and BND* leakage between vCPU-s (XSA-220)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458874
  [ 6 ] Bug #1458876 - xsa222 xen: stale P2M mappings due to insufficient error checking (XSA-222)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458876
  [ 7 ] Bug #1458877 - xsa223 xen: ARM guest disabling interrupt may crash Xen (XSA-223)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458877
  [ 8 ] Bug #1458878 - xsa224 xen: grant table operations mishandle reference counts (XSA-224)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458878
  [ 9 ] Bug #1459515 - xsa225 xen: arm: vgic: Out-of-bound access when sending SGIs (XSA-225)
        https://bugzilla.redhat.com/show_bug.cgi?id=1459515
  [ 10 ] Bug #1458875 - xsa221 xen: NULL pointer deref in event channel poll (XSA-221)
        https://bugzilla.redhat.com/show_bug.cgi?id=1458875
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade xen' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------