Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:4419-1 Final 1 1 2025-12-16T18:57:18Z current 2025-12-16T18:57:18Z 2025-12-16T18:57:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: Update to Xen 4.20.2 (jsc#PED-8907). Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it (XSA-476, bsc#1252692). Other issues fixed: - Failure to restart xenstored (bsc#1254180). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-4419,SUSE-SLE-Module-Basesystem-15-SP7-2025-4419,SUSE-SLE-Module-Server-Applications-15-SP7-2025-4419 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20254419-1/ Link for SUSE-SU-2025:4419-1 https://lists.suse.com/pipermail/sle-security-updates/2025-December/023565.html E-Mail link for SUSE-SU-2025:4419-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1252692 SUSE Bug 1252692 https://bugzilla.suse.com/1254180 SUSE Bug 1254180 https://www.suse.com/security/cve/CVE-2025-58149/ SUSE CVE CVE-2025-58149 page SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Server Applications 15 SP7 xen-4.20.2_02-150700.3.19.1 xen-devel-4.20.2_02-150700.3.19.1 xen-doc-html-4.20.2_02-150700.3.19.1 xen-libs-4.20.2_02-150700.3.19.1 xen-libs-32bit-4.20.2_02-150700.3.19.1 xen-libs-64bit-4.20.2_02-150700.3.19.1 xen-tools-4.20.2_02-150700.3.19.1 xen-tools-domU-4.20.2_02-150700.3.19.1 xen-tools-xendomains-wait-disk-4.20.2_02-150700.3.19.1 xen-libs-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 xen-tools-domU-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 xen-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 xen-devel-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 xen-tools-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 xen-tools-xendomains-wait-disk-4.20.2_02-150700.3.19.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 unknown CVE-2025-58149 SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_02-150700.3.19.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_02-150700.3.19.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_02-150700.3.19.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_02-150700.3.19.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_02-150700.3.19.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_02-150700.3.19.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20254419-1/ https://www.suse.com/security/cve/CVE-2025-58149.html CVE-2025-58149 https://bugzilla.suse.com/1252692 SUSE Bug 1252692