Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02471-1 Final 1 1 2025-07-22T22:58:21Z current 2025-07-22T22:58:21Z 2025-07-22T22:58:21Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: - CVE-2025-27465: Fixed incorrect stubs exception handling for flags recovery (XSA-470) (bsc#1244644) - Fixed more AMD transient execution attacks (XSA-471) (bsc#1246112) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2471,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2471,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2471 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502471-1/ Link for SUSE-SU-2025:02471-1 https://lists.suse.com/pipermail/sle-updates/2025-July/040869.html E-Mail link for SUSE-SU-2025:02471-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244644 SUSE Bug 1244644 https://bugzilla.suse.com/1246112 SUSE Bug 1246112 https://www.suse.com/security/cve/CVE-2025-27465/ SUSE CVE CVE-2025-27465 page SUSE Linux Enterprise Server 12 SP5-LTSS SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-4.12.4_62-3.130.1 xen-devel-4.12.4_62-3.130.1 xen-doc-html-4.12.4_62-3.130.1 xen-libs-4.12.4_62-3.130.1 xen-libs-32bit-4.12.4_62-3.130.1 xen-libs-64bit-4.12.4_62-3.130.1 xen-tools-4.12.4_62-3.130.1 xen-tools-domU-4.12.4_62-3.130.1 xen-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-devel-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-doc-html-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-libs-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-libs-32bit-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-tools-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-tools-domU-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xen-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-devel-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-doc-html-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-libs-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-libs-32bit-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-tools-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xen-tools-domU-4.12.4_62-3.130.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up and recover the changes to the arithmetic flags. For replayed instructions where the flags recovery logic is used, the metadata for exception handling was incorrect, preventing Xen from handling the the exception gracefully, treating it as fatal instead. CVE-2025-27465 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-devel-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-doc-html-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-libs-32bit-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-libs-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-tools-4.12.4_62-3.130.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xen-tools-domU-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-devel-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-doc-html-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-libs-32bit-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-libs-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-tools-4.12.4_62-3.130.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xen-tools-domU-4.12.4_62-3.130.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502471-1/ https://www.suse.com/security/cve/CVE-2025-27465.html CVE-2025-27465 https://bugzilla.suse.com/1244644 SUSE Bug 1244644