Overview

File _patchinfo of Package patchinfo.40469

<patchinfo incident="40469">
  <issue tracker="bnc" id="1248807">VUL-0: CVE-2025-27466,CVE-2025-58142,CVE-2025-58143: xen: Mutiple vulnerabilities in the Viridian interface (XSA-472)</issue>
  <issue tracker="cve" id="2025-58143"/>
  <issue tracker="cve" id="2025-27466"/>
  <issue tracker="cve" id="2025-58142"/>
  <packager>charlesa</packager>
  <rating>important</rating>
  <category>security</category>
  <reboot_needed/>
  <summary>Security update for xen</summary>
  <description>This update for xen fixes the following issues:

- CVE-2025-27466: NULL pointer dereference in the Viridian interface when updating the reference TSC area (bsc#1248807).
- CVE-2025-58142: NULL pointer dereference in the Viridian interface due to assumption that the SIM page is mapped when
  a synthetic timer message has to be delivered (bsc#1248807).
- CVE-2025-58143: information leak and reference counter underflow in the Viridian interface due to race in the mapping
  of the reference TSC page (bsc#1248807).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places