Security update for xen
| Announcement ID: | SUSE-SU-2025:4419-1 |
|---|---|
| Release Date: | 2025-12-16T18:57:19Z |
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability, contains one feature and has one security fix can now be installed.
Description:
This update for xen fixes the following issues:
Update to Xen 4.20.2 (jsc#PED-8907).
Security issues fixed:
- CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it (XSA-476, bsc#1252692).
Other issues fixed:
- Failure to restart xenstored (bsc#1254180).
Special Instructions and Notes:
- Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4419=1 -
Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-4419=1
Package List:
-
Basesystem Module 15-SP7 (x86_64)
- xen-tools-domU-4.20.2_02-150700.3.19.1
- xen-debugsource-4.20.2_02-150700.3.19.1
- xen-libs-4.20.2_02-150700.3.19.1
- xen-libs-debuginfo-4.20.2_02-150700.3.19.1
- xen-tools-domU-debuginfo-4.20.2_02-150700.3.19.1
-
Server Applications Module 15-SP7 (x86_64)
- xen-tools-4.20.2_02-150700.3.19.1
- xen-debugsource-4.20.2_02-150700.3.19.1
- xen-4.20.2_02-150700.3.19.1
- xen-devel-4.20.2_02-150700.3.19.1
- xen-tools-debuginfo-4.20.2_02-150700.3.19.1
-
Server Applications Module 15-SP7 (noarch)
- xen-tools-xendomains-wait-disk-4.20.2_02-150700.3.19.1