Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
SUSE-SU-2026:0589-1 | Mondoo Vulnerability Intelligence
Vulnerability Intelligence
SUSE-SU-2026:0589-1
SUSE-SU-2026:0589-1
UNKNOWN
Security update for xen
Published Feb 20, 2026
Modified 1 weeks ago
Fix available
Details
This update for xen fixes the following issues:
CVE-2025-58150: buffer overrun with shadow paging + tracing (XSA-477) (bsc#1256745).
CVE-2026-23553: incomplete IBPB for vCPU isolation (XSA-479) (bsc#1256747).
Affected Packages
xen
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Module for Server Applications 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
xen-libs
SUSE Linux Enterprise Module for Basesystem 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
xen-tools-domU
SUSE Linux Enterprise Module for Basesystem 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
xen-devel
SUSE Linux Enterprise Module for Server Applications 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
xen-tools
SUSE Linux Enterprise Module for Server Applications 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
xen-tools-xendomains-wait-disk
SUSE Linux Enterprise Module for Server Applications 15 SP7
Fixed in:
4.20.2_06-150700.3.25.1
References
REPORT
https://bugzilla.suse.com/1027519
REPORT
https://bugzilla.suse.com/1256745
REPORT
https://bugzilla.suse.com/1256747
WEB
https://www.suse.com/security/cve/CVE-2025-58150
WEB
https://www.suse.com/security/cve/CVE-2026-23553
ADVISORY
https://www.suse.com/support/update/announcement/2026/suse-su-20260589-1/
Upstream
CVE-2025-58150
CVE-2026-23553
Related
CVE-2025-58150
CVE-2026-23553
Ecosystems
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Module for Server Applications 15 SP7
Timeline
Published
Feb 20, 2026
Modified
Feb 20, 2026