SUSE-SU-2026:1093-1
Vulnerability from csaf_suse - Published: 2026-03-26 17:52 - Updated: 2026-03-26 17:52Summary
Security update for xen
Severity
Important
Notes
Title of the patch: Security update for xen
Description of the patch: This update for xen fixes the following issues:
- CVE-2026-23554: xen: Use after free of paging structures in EPT (bsc#1259247, XSA-480)
- CVE-2026-23555: xen: Xenstored DoS by unprivileged domain (bsc#1259248, XSA-481)
Patchnames: SUSE-2026-1093,SUSE-SLE-Module-Basesystem-15-SP7-2026-1093,SUSE-SLE-Module-Server-Applications-15-SP7-2026-1093
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xen fixes the following issues:\n\n- CVE-2026-23554: xen: Use after free of paging structures in EPT (bsc#1259247, XSA-480)\n- CVE-2026-23555: xen: Xenstored DoS by unprivileged domain (bsc#1259248, XSA-481)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1093,SUSE-SLE-Module-Basesystem-15-SP7-2026-1093,SUSE-SLE-Module-Server-Applications-15-SP7-2026-1093",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1093-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1093-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261093-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1093-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024964.html"
},
{
"category": "self",
"summary": "SUSE Bug 1259247",
"url": "https://bugzilla.suse.com/1259247"
},
{
"category": "self",
"summary": "SUSE Bug 1259248",
"url": "https://bugzilla.suse.com/1259248"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23554 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23555/"
}
],
"title": "Security update for xen",
"tracking": {
"current_release_date": "2026-03-26T17:52:21Z",
"generator": {
"date": "2026-03-26T17:52:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1093-1",
"initial_release_date": "2026-03-26T17:52:21Z",
"revision_history": [
{
"date": "2026-03-26T17:52:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-4.20.2_08-150700.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "xen-devel-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-devel-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-devel-4.20.2_08-150700.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-doc-html-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-doc-html-4.20.2_08-150700.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-libs-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-libs-4.20.2_08-150700.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-tools-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-tools-4.20.2_08-150700.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.aarch64",
"product": {
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.aarch64",
"product_id": "xen-tools-domU-4.20.2_08-150700.3.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-libs-64bit-4.20.2_08-150700.3.28.1.aarch64_ilp32",
"product": {
"name": "xen-libs-64bit-4.20.2_08-150700.3.28.1.aarch64_ilp32",
"product_id": "xen-libs-64bit-4.20.2_08-150700.3.28.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-devel-4.20.2_08-150700.3.28.1.i586",
"product": {
"name": "xen-devel-4.20.2_08-150700.3.28.1.i586",
"product_id": "xen-devel-4.20.2_08-150700.3.28.1.i586"
}
},
{
"category": "product_version",
"name": "xen-libs-4.20.2_08-150700.3.28.1.i586",
"product": {
"name": "xen-libs-4.20.2_08-150700.3.28.1.i586",
"product_id": "xen-libs-4.20.2_08-150700.3.28.1.i586"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.i586",
"product": {
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.i586",
"product_id": "xen-tools-domU-4.20.2_08-150700.3.28.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch",
"product": {
"name": "xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch",
"product_id": "xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-devel-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-doc-html-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-doc-html-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-libs-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-32bit-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-libs-32bit-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-libs-32bit-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-tools-4.20.2_08-150700.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"product": {
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"product_id": "xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.20.2_08-150700.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64"
},
"product_reference": "xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64"
},
"product_reference": "xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.20.2_08-150700.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64"
},
"product_reference": "xen-4.20.2_08-150700.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-devel-4.20.2_08-150700.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64"
},
"product_reference": "xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.20.2_08-150700.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64"
},
"product_reference": "xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
},
"product_reference": "xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23554"
}
],
"notes": [
{
"category": "general",
"text": "The Intel EPT paging code uses an optimization to defer flushing of any cached\nEPT state until the p2m lock is dropped, so that multiple modifications done\nunder the same locked region only issue a single flush.\n\nFreeing of paging structures however is not deferred until the flushing is\ndone, and can result in freed pages transiently being present in cached state.\nSuch stale entries can point to memory ranges not owned by the guest, thus\nallowing access to unintended memory regions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23554",
"url": "https://www.suse.com/security/cve/CVE-2026-23554"
},
{
"category": "external",
"summary": "SUSE Bug 1259247 for CVE-2026-23554",
"url": "https://bugzilla.suse.com/1259247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-26T17:52:21Z",
"details": "important"
}
],
"title": "CVE-2026-23554"
},
{
"cve": "CVE-2026-23555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23555"
}
],
"notes": [
{
"category": "general",
"text": "Any guest issuing a Xenstore command accessing a node using the\n(illegal) node path \"/local/domain/\", will crash xenstored due to a\nclobbered error indicator in xenstored when verifying the node path.\n\nNote that the crash is forced via a failing assert() statement in\nxenstored. In case xenstored is being built with NDEBUG #defined,\nan unprivileged guest trying to access the node path \"/local/domain/\"\nwill result in it no longer being serviced by xenstored, other guests\n(including dom0) will still be serviced, but xenstored will use up\nall cpu time it can get.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23555",
"url": "https://www.suse.com/security/cve/CVE-2026-23555"
},
{
"category": "external",
"summary": "SUSE Bug 1259248 for CVE-2026-23555",
"url": "https://bugzilla.suse.com/1259248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-libs-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:xen-tools-domU-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-devel-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-4.20.2_08-150700.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP7:xen-tools-xendomains-wait-disk-4.20.2_08-150700.3.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-26T17:52:21Z",
"details": "important"
}
],
"title": "CVE-2026-23555"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…