csaf_suse - suse-su-2025:01860-1

suse-su-2025:01860-1

Vulnerability from csaf_suse

Published

2025-06-10 08:11

Modified

2025-06-10 08:11

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: - CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection (ITS) (XSA-469) (bsc#1243117) - CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks (XSA-466) (bsc#1234282) - CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device pass-through (XSA-467) (bsc#1238043)

Patchnames

SUSE-2025-1860,SUSE-SLE-Micro-5.5-2025-1860

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\n- CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection (ITS) (XSA-469) (bsc#1243117)\n- CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks (XSA-466) (bsc#1234282)\n- CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device pass-through (XSA-467) (bsc#1238043)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-1860,SUSE-SLE-Micro-5.5-2025-1860",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01860-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:01860-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501860-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:01860-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040205.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234282",
        "url": "https://bugzilla.suse.com/1234282"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238043",
        "url": "https://bugzilla.suse.com/1238043"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1243117",
        "url": "https://bugzilla.suse.com/1243117"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-28956 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-28956/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53241 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-1713 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-1713/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2025-06-10T08:11:57Z",
      "generator": {
        "date": "2025-06-10T08:11:57Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:01860-1",
      "initial_release_date": "2025-06-10T08:11:57Z",
      "revision_history": [
        {
          "date": "2025-06-10T08:11:57Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-4.17.5_08-150500.3.45.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-devel-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-devel-4.17.5_08-150500.3.45.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-doc-html-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-doc-html-4.17.5_08-150500.3.45.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-libs-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-libs-4.17.5_08-150500.3.45.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-tools-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-tools-4.17.5_08-150500.3.45.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.aarch64",
                "product": {
                  "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.aarch64",
                  "product_id": "xen-tools-domU-4.17.5_08-150500.3.45.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-libs-64bit-4.17.5_08-150500.3.45.1.aarch64_ilp32",
                "product": {
                  "name": "xen-libs-64bit-4.17.5_08-150500.3.45.1.aarch64_ilp32",
                  "product_id": "xen-libs-64bit-4.17.5_08-150500.3.45.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.17.5_08-150500.3.45.1.i586",
                "product": {
                  "name": "xen-devel-4.17.5_08-150500.3.45.1.i586",
                  "product_id": "xen-devel-4.17.5_08-150500.3.45.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.17.5_08-150500.3.45.1.i586",
                "product": {
                  "name": "xen-libs-4.17.5_08-150500.3.45.1.i586",
                  "product_id": "xen-libs-4.17.5_08-150500.3.45.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.i586",
                  "product_id": "xen-tools-domU-4.17.5_08-150500.3.45.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-tools-xendomains-wait-disk-4.17.5_08-150500.3.45.1.noarch",
                "product": {
                  "name": "xen-tools-xendomains-wait-disk-4.17.5_08-150500.3.45.1.noarch",
                  "product_id": "xen-tools-xendomains-wait-disk-4.17.5_08-150500.3.45.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-devel-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-devel-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-doc-html-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-doc-html-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-libs-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-libs-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-libs-32bit-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-tools-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-tools-4.17.5_08-150500.3.45.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.17.5_08-150500.3.45.1.x86_64",
                  "product_id": "xen-tools-domU-4.17.5_08-150500.3.45.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.5",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.5",
                  "product_id": "SUSE Linux Enterprise Micro 5.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.17.5_08-150500.3.45.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
          "product_id": "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
        },
        "product_reference": "xen-libs-4.17.5_08-150500.3.45.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-28956",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-28956"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-28956",
          "url": "https://www.suse.com/security/cve/CVE-2024-28956"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1242006 for CVE-2024-28956",
          "url": "https://bugzilla.suse.com/1242006"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-10T08:11:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-28956"
    },
    {
      "cve": "CVE-2024-53241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: don\u0027t do PV iret hypercall through hypercall page\n\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\n\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\n\nThis is part of XSA-466 / CVE-2024-53241.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53241",
          "url": "https://www.suse.com/security/cve/CVE-2024-53241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234282 for CVE-2024-53241",
          "url": "https://bugzilla.suse.com/1234282"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-10T08:11:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-53241"
    },
    {
      "cve": "CVE-2025-1713",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-1713"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When setting up interrupt remapping for legacy PCI(-X) devices,\nincluding PCI(-X) bridges, a lookup of the upstream bridge is required.\nThis lookup, itself involving acquiring of a lock, is done in a context\nwhere acquiring that lock is unsafe.  This can lead to a deadlock.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-1713",
          "url": "https://www.suse.com/security/cve/CVE-2025-1713"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238043 for CVE-2025-1713",
          "url": "https://bugzilla.suse.com/1238043"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Micro 5.5:xen-libs-4.17.5_08-150500.3.45.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-10T08:11:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-1713"
    }
  ]
}

CVE-2024-28956 (GCVE-0-2024-28956)

Vulnerability from cvelistv5

Published

2025-05-13 21:02

Modified

2025-05-14 14:43

Severity ?

5.7 (Medium) - CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

Information Disclosure
CWE-1421 - Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

Summary

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

►

URL

Tags

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Processors	Version: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-13T22:03:18.846Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://xenbits.xen.org/xsa/advisory-469.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/12/5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28956",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-14T14:42:03.518493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-14T14:43:48.581Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en"
            },
            {
              "cweId": "CWE-1421",
              "description": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-13T21:02:56.170Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01153.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2024-28956",
    "datePublished": "2025-05-13T21:02:56.170Z",
    "dateReserved": "2024-05-23T17:14:54.799Z",
    "dateUpdated": "2025-05-14T14:43:48.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-53241 (GCVE-0-2024-53241)

Vulnerability from cvelistv5

Published

2024-12-24 09:24

Modified

2025-05-04 09:56

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer using hypercall page at all, as it has shown to cause problems with speculation mitigations. This is part of XSA-466 / CVE-2024-53241.

References

►

URL

Tags

	https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5
	https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3
	https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f
	https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d
	https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30
	https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906

Impacted products

Vendor

Product

Version

►

Linux

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-05T07:02:44.547Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://xenbits.xen.org/xsa/advisory-466.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/17/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/23/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/01/05/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/01/05/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/xen/xen-asm.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "c7b4cfa6213a44fa48714186dfdf125072d036e3",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "fa719857f613fed94a79da055b13ca51214c694f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "82c211ead1ec440dbf81727e17b03b5e3c44b93d",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "f7c3fdad0a474062d566aae3289d490d7e702d30",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/xen/xen-asm.S"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.67",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.232",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.175",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.121",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.67",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/xen: don\u0027t do PV iret hypercall through hypercall page\n\nInstead of jumping to the Xen hypercall page for doing the iret\nhypercall, directly code the required sequence in xen-asm.S.\n\nThis is done in preparation of no longer using hypercall page at all,\nas it has shown to cause problems with speculation mitigations.\n\nThis is part of XSA-466 / CVE-2024-53241."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:56:48.923Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/05df6e6cd9a76b778aee33c3c18c9f3b3566d4a5"
        },
        {
          "url": "https://git.kernel.org/stable/c/c7b4cfa6213a44fa48714186dfdf125072d036e3"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa719857f613fed94a79da055b13ca51214c694f"
        },
        {
          "url": "https://git.kernel.org/stable/c/82c211ead1ec440dbf81727e17b03b5e3c44b93d"
        },
        {
          "url": "https://git.kernel.org/stable/c/f7c3fdad0a474062d566aae3289d490d7e702d30"
        },
        {
          "url": "https://git.kernel.org/stable/c/a2796dff62d6c6bfc5fbebdf2bee0d5ac0438906"
        }
      ],
      "title": "x86/xen: don\u0027t do PV iret hypercall through hypercall page",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-53241",
    "datePublished": "2024-12-24T09:24:42.212Z",
    "dateReserved": "2024-11-19T17:17:25.026Z",
    "dateUpdated": "2025-05-04T09:56:48.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1713 (GCVE-0-2025-1713)

Vulnerability from cvelistv5

Published

2025-07-17 13:59

Modified

2025-07-17 14:21

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

When setting up interrupt remapping for legacy PCI(-X) devices, including PCI(-X) bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock.

References

►

URL

Tags

https://xenbits.xenproject.org/xsa/advisory-467.html

Impacted products

	Vendor	Product	Version
	Xen	Xen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-07-17T14:04:25.770Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/02/27/1"
          },
          {
            "url": "http://xenbits.xen.org/xsa/advisory-467.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/02/27/3"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/02/28/1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-1713",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-17T14:17:20.052947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-833",
                "description": "CWE-833 Deadlock",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-17T14:21:42.020Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-467"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "Xen versions 4.0 and later are affected.  Xen versions 3.4 and earlier\nare not directly affected, but had other issues.\n\nSystems with Intel IOMMU hardware (VT-d) are affected.  Systems using\nAMD or non-x86 hardware are not affected.\n\nOnly systems where certain kinds of devices are passed through to an\nunprivileged guest are vulnerable."
        }
      ],
      "datePublic": "2025-02-27T12:52:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When setting up interrupt remapping for legacy PCI(-X) devices,\nincluding PCI(-X) bridges, a lookup of the upstream bridge is required.\nThis lookup, itself involving acquiring of a lock, is done in a context\nwhere acquiring that lock is unsafe.  This can lead to a deadlock."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "The passing through of certain kinds of devices to an unprivileged guest\ncan result in a Denial of Service (DoS) affecting the entire host.\n\nNote: Normal usage of such devices by a privileged domain can also\n      trigger the issue.  In such a scenario, the deadlock is not\n      considered a security issue, but just a plain bug."
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-17T13:59:46.231Z",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "url": "https://xenbits.xenproject.org/xsa/advisory-467.html"
        }
      ],
      "title": "deadlock potential with VT-d and legacy PCI device pass-through",
      "workarounds": [
        {
          "lang": "en",
          "value": "Avoiding the passing through of the affected device types will avoid\nthe vulnerability."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2025-1713",
    "datePublished": "2025-07-17T13:59:46.231Z",
    "dateReserved": "2025-02-26T09:04:42.837Z",
    "dateUpdated": "2025-07-17T14:21:42.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2025:01860-1

Vulnerability from csaf_suse

CVE-2024-28956 (GCVE-0-2024-28956)

Vulnerability from cvelistv5

CVE-2024-53241 (GCVE-0-2024-53241)

Vulnerability from cvelistv5

CVE-2025-1713 (GCVE-0-2025-1713)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature