Security update for xen SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:4490-1 Final 1 1 2025-12-19T11:17:12Z current 2025-12-19T11:17:12Z 2025-12-19T11:17:12Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xen This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them (bsc#1252692). Other issues fixed: - Several upstream bug fixes (bsc#1027519). - Failure to restart xenstored (bsc#1254180). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-4490,SUSE-SLE-Micro-5.5-2025-4490 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20254490-1/ Link for SUSE-SU-2025:4490-1 https://lists.suse.com/pipermail/sle-security-updates/2025-December/023631.html E-Mail link for SUSE-SU-2025:4490-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1027519 SUSE Bug 1027519 https://bugzilla.suse.com/1252692 SUSE Bug 1252692 https://bugzilla.suse.com/1254180 SUSE Bug 1254180 https://www.suse.com/security/cve/CVE-2025-58149/ SUSE CVE CVE-2025-58149 page SUSE Linux Enterprise Micro 5.5 xen-4.17.6_02-150500.3.56.1 xen-devel-4.17.6_02-150500.3.56.1 xen-doc-html-4.17.6_02-150500.3.56.1 xen-libs-4.17.6_02-150500.3.56.1 xen-libs-32bit-4.17.6_02-150500.3.56.1 xen-libs-64bit-4.17.6_02-150500.3.56.1 xen-tools-4.17.6_02-150500.3.56.1 xen-tools-domU-4.17.6_02-150500.3.56.1 xen-tools-xendomains-wait-disk-4.17.6_02-150500.3.56.1 xen-libs-4.17.6_02-150500.3.56.1 as a component of SUSE Linux Enterprise Micro 5.5 When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m. CVE-2025-58149 SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.6_02-150500.3.56.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20254490-1/ https://www.suse.com/security/cve/CVE-2025-58149.html CVE-2025-58149 https://bugzilla.suse.com/1252692 SUSE Bug 1252692