SUSE-SU-2025:3797-1
Advisory lineage Upstream: 5 Downstream: 0
Published: 27 Oct 2025, 07:58
Last modified:04 Feb 2026, 04:07
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
27 Oct 2025, 07:58
Published
Vulnerability first disclosed
04 Feb 2026, 04:07
Last Modified
Vulnerability information updated
Description
Security update for xen This update for xen fixes the following issues: - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475) - CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)
Affected Systems
- suse•xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
< 4.17.5_12-150500.3.53.1
- suse•xen&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
< 4.17.5_12-150500.3.53.1
- suse•xen&distro=SUSE Linux Enterprise Micro 5.5
< 4.17.5_12-150500.3.53.1
- suse•xen&distro=SUSE Linux Enterprise Server 15 SP5-LTSS
< 4.17.5_12-150500.3.53.1
- suse•xen&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
< 4.17.5_12-150500.3.53.1
References (8)
- https://www.suse.com/support/update/announcement/2025/suse-su-20253797-1/
- https://bugzilla.suse.com/1248807
- https://bugzilla.suse.com/1251271
- https://www.suse.com/security/cve/CVE-2025-27466
- https://www.suse.com/security/cve/CVE-2025-58142
- https://www.suse.com/security/cve/CVE-2025-58143
- https://www.suse.com/security/cve/CVE-2025-58147
- https://www.suse.com/security/cve/CVE-2025-58148