[SECURITY] [DSA 6068-1] xen security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6068-1] xen security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 2 Dec 2025 21:58:18 +0000
Message-id: <[🔎] aS9g-lWN8MT6yE8f@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6068-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 02, 2025                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2024-28956 CVE-2024-36350 CVE-2024-36357
                 CVE-2025-27465 CVE-2025-27466 CVE-2025-58142
		 CVE-2025-58143 CVE-2025-58144 CVE-2025-58145
		 CVE-2025-58147 CVE-2025-58148 CVE-2025-58149
		 CVE-2025-1713

Multiple vulnerabilities have been discovered in the Xen hypervisor,
which could result in memory disclosure, denial of service or
privilege escalation.

For the oldstable distribution (bookworm), these problems have been fixed
in version 4.17.5+72-g01140da4e8-1.

For the stable distribution (trixie), these problems have been fixed in
version 4.20.2+7-g1badcf5035-0+deb13u1.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmkvX3UACgkQEMKTtsN8
TjYheBAAh2reXA7VCnSZhr7vaQPJeiLz5vWMHrIsYFhDj/pObuCsHdpEzIiAQtkN
03M8X22TvwZ70C2vZvVOh0JVeMODUkVrQm1HAOWyvMdHYMUZBBUVk+AnRWiQt37c
u6HkrxBFDVzCmC77L/O5v1ZxyDBl0qmJ4nE1YChN8xY4+Dune5YmVXiS5Lj15FYz
wocKiuhoA4boxUwlUb6rfuVEiKL/aHDhQ4bFuaq9Hb5RYNMCQpAkaUGi3xNimcEA
/1TXmNP2zeBqNZdHERYOyV0OZmo1MQBH/mdkTNGy2W4NiUTURCeNQZhLRXZNMBF2
2PjA7sq8Uf3jdDmA6dlbpHW9STLFqhd8pe+V2GtyCcoEKY/QGfuG5D9LqSKKYq05
WyU+exZLK9HvxSJqiHy362yTBGROOSHPb0D1LhSZadeNUAmIAtfbNgBsj4iQk3o9
LWp38C8/n3IX8lJ5IPcs3s+XT547aVexH/occrsaHVW1K2eEEr1Khc1G+aXQlAAz
jQJy8VIjl7ISURrrH0p+wbxKoitqqEcWa/6BD2UtGU8Ar+pK1FRVOi4hNEStvOQW
PCoG1igpa6ONSOqXJBEgYiNuk4/K3c51WImqzhfvc/kKXRE0H/IXT1jqO7tWDGmu
klyICuRzhwKjFAiHq53VC7slbxugIPJFXnxKTAfpMTzpwxcpQ6Q=
=j0Rz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6067-1] containerd security update
Next by Date: [SECURITY] [DSA 6069-1] openvpn security update
Previous by thread: [SECURITY] [DSA 6067-1] containerd security update
Next by thread: [SECURITY] [DSA 6069-1] openvpn security update
Index(es):
- Date
- Thread