CVE-2025-27465

16.07.2025, 09:15

Certain instructions need intercepting and emulating by Xen. In some
cases Xen emulates the instruction by replaying it, using an executable
stub. Some instructions may raise an exception, which is supposed to be
handled gracefully. Certain replayed instructions have additional logic
to set up and recover the changes to the arithmetic flags.

For replayed instructions where the flags recovery logic is used, the
metadata for exception handling was incorrect, preventing Xen from
handling the the exception gracefully, treating it as fatal instead.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
XEN	CNA	---				---
CISA-ADP	ADP	6.5 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

xen

bullseye	vulnerable
bullseye (security)	vulnerable
bookworm	vulnerable
bookworm (security)	vulnerable
trixie	vulnerable
sid	vulnerable

Vulnerability Media Exposure

[GERMAN] Xen: Schwachstelle ermöglicht Denial of Service
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Xen ausnutzen, um einen Denial of Service Angriff durchzuführen.
Published: 2025-07-01T22:00:00+00:00

References

https://xenbits.xenproject.org/xsa/advisory-470.html