Overview

File _patchinfo of Package patchinfo.42017

<patchinfo incident="42017">
  <issue tracker="bnc" id="1027519">Xen: Missing upstream bug fixes</issue>
  <issue tracker="bnc" id="1252692">VUL-0: CVE-2025-58149: xen: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it (XSA-476)</issue>
  <issue tracker="bnc" id="1254180">[SLES][15-SP7][x86_64][Build41647]  virtxend service restart</issue>
  <issue tracker="cve" id="2025-58149"/>
  <packager>charlesa</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for xen</summary>
  <description>This update for xen fixes the following issues:

Update to Xen 4.17.6.

Security issues fixed:

- CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no
  longer assigned to them (bsc#1252692).

Other issues fixed:

- Several upstream bug fixes (bsc#1027519).
- Failure to restart xenstored (bsc#1254180).
</description>
<reboot_needed/>
</patchinfo>
openSUSE Build Service is sponsored by
Places