Bug 35074 - xen new security issues CVE-2025-58150 and CVE-2026-23553
Summary: xen new security issues CVE-2025-58150 and CVE-2026-23553
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2026-01-27 13:50 CET by Nicolas Salguero
Modified: 2026-01-30 01:40 CET

See Also:
Source RPM: xen-4.17.5-1.git20251028.1.mga9.src.rpm
CVE: CVE-2025-58150, CVE-2026-23553
Status comment:



Nicolas Salguero 2026-01-27 13:51:48 CET

Flags: (none) => affects_mga9+
CVE: (none) => CVE-2025-58150, CVE-2025-58151, CVE-2026-23553
Source RPM: (none) => xen-4.20.2-1.mga10.src.rpm, xen-4.17.5-1.git20251028.1.mga9.src.rpm
Whiteboard: (none) => MGA9TOO

Comment 1 Nicolas Salguero 2026-01-27 14:43:54 CET
CVE-2025-58151 does not affect xen.

CVE: CVE-2025-58150, CVE-2025-58151, CVE-2026-23553 => CVE-2025-58150, CVE-2026-23553
Summary: xen new security issues CVE-2025-58150, CVE-2025-58151 and CVE-2026-23553 => xen new security issues CVE-2025-58150 and CVE-2026-23553

Comment 2 Nicolas Salguero 2026-01-27 15:03:20 CET
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

x86: buffer overrun with shadow paging + tracing. (CVE-2025-58150)

x86: incomplete IBPB for vCPU isolation. (CVE-2026-23553)

References:
https://www.openwall.com/lists/oss-security/2026/01/27/1
https://www.openwall.com/lists/oss-security/2026/01/27/3
========================

Updated packages in core/updates_testing:
========================
lib(64)xen-devel-4.17.5-1.git20251028.2.mga9
lib(64)xen3.0-4.17.5-1.git20251028.2.mga9
ocaml-xen-4.17.5-1.git20251028.2.mga9
ocaml-xen-devel-4.17.5-1.git20251028.2.mga9
xen-4.17.5-1.git20251028.2.mga9
xen-hypervisor-4.17.5-1.git20251028.2.mga9
xen-licenses-4.17.5-1.git20251028.2.mga9
xen-runtime-4.17.5-1.git20251028.2.mga9

from SRPM:
xen-4.17.5-1.git20251028.2.mga9.src.rpm

Status: NEW => ASSIGNED
Flags: affects_mga9+ => (none)
Whiteboard: MGA9TOO => (none)
Source RPM: xen-4.20.2-1.mga10.src.rpm, xen-4.17.5-1.git20251028.1.mga9.src.rpm => xen-4.17.5-1.git20251028.1.mga9.src.rpm
Assignee: bugsquad => qa-bugs

Nicolas Salguero 2026-01-27 15:03:25 CET

Version: Cauldron => 9

Comment 3 katnatek 2026-01-28 20:51:00 CET
Installed without issues

LC_ALL=C urpmi /home/katnatek/qa-testing/x86_64/*.rpm
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Release (distrib1)")
  edk2-ovmf-xen                  20221117git> 7.mga9        noarch  (recommended)
  lib64nl-cli3_200               3.7.0        1.mga9        x86_64  
  lib64nl-idiag3_200             3.7.0        1.mga9        x86_64  
  lib64nl-nf3_200                3.7.0        1.mga9        x86_64  
  lib64nl-xfrm3_200              3.7.0        1.mga9        x86_64  
  lib64nl3-devel                 3.7.0        1.mga9        x86_64  
  ocaml-compiler                 4.14.0       2.mga9        x86_64  
  ocaml-compiler-libs            4.14.0       2.mga9        x86_64  
  python3-lxml                   4.9.2        1.mga9        x86_64  
(medium "Core Updates (distrib3)")
  lib64uuid-devel                2.38.1       1.1.mga9      x86_64  
  lib64yajl-devel                2.1.0        6.1.mga9      x86_64  
(command line)
  lib64xen-devel                 4.17.5       1.git2025102> x86_64  
  lib64xen3.0                    4.17.5       1.git2025102> x86_64  
  ocaml-xen                      4.17.5       1.git2025102> x86_64  
  ocaml-xen-devel                4.17.5       1.git2025102> x86_64  
  xen                            4.17.5       1.git2025102> x86_64  
  xen-hypervisor                 4.17.5       1.git2025102> x86_64  
  xen-licenses                   4.17.5       1.git2025102> x86_64  
  xen-runtime                    4.17.5       1.git2025102> x86_64  
434MB of additional disk space will be used.
126MB of packages will be retrieved.
Proceed with the installation of the 19 packages? (Y/n) y


    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nl-xfrm3_200-3.7.0-1.mga9.x86_64.rpm
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/edk2-ovmf-xen-20221117gitfff6d81270b5-7.mga9.noarch.rpm
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nl-cli3_200-3.7.0-1.mga9.x86_64.rpm        
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/python3-lxml-4.9.2-1.mga9.x86_64.rpm            
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/ocaml-compiler-libs-4.14.0-2.mga9.x86_64.rpm    
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nl-idiag3_200-3.7.0-1.mga9.x86_64.rpm      
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nl-nf3_200-3.7.0-1.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nl3-devel-3.7.0-1.mga9.x86_64.rpm          
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/ocaml-compiler-4.14.0-2.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/updates/lib64uuid-devel-2.38.1-1.1.mga9.x86_64.rpm      
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/updates/lib64yajl-devel-2.1.0-6.1.mga9.x86_64.rpm       
installing /var/cache/urpmi/rpms/lib64nl-idiag3_200-3.7.0-1.mga9.x86_64.rpm                                                          
/var/cache/urpmi/rpms/ocaml-compiler-libs-4.14.0-2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64xen-devel-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/xen-runtime-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64yajl-devel-2.1.0-6.1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nl-xfrm3_200-3.7.0-1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/edk2-ovmf-xen-20221117gitfff6d81270b5-7.mga9.noarch.rpm
/var/cache/urpmi/rpms/python3-lxml-4.9.2-1.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64xen3.0-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nl3-devel-3.7.0-1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/ocaml-compiler-4.14.0-2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nl-nf3_200-3.7.0-1.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/ocaml-xen-devel-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/xen-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64uuid-devel-2.38.1-1.1.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/xen-licenses-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/xen-hypervisor-4.17.5-1.git20251028.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nl-cli3_200-3.7.0-1.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/ocaml-xen-4.17.5-1.git20251028.2.mga9.x86_64.rpm
Preparing...                     ###################################################################################################
     1/19: xen-licenses          ###################################################################################################
     2/19: lib64xen3.0           ###################################################################################################
     3/19: lib64nl-nf3_200       ###################################################################################################
     4/19: lib64nl-cli3_200      ###################################################################################################
     5/19: ocaml-compiler        ###################################################################################################
     6/19: ocaml-compiler-libs   ###################################################################################################
     7/19: ocaml-xen             ###################################################################################################
     8/19: lib64uuid-devel       ###################################################################################################
     9/19: python3-lxml          ###################################################################################################
    10/19: edk2-ovmf-xen         ###################################################################################################
    11/19: xen-hypervisor        ###################################################################################################
Generating grub configuration file ...
Found theme: /boot/grub2/themes/maggy/theme.txt
Found linux image: /boot/vmlinuz-6.18.4-server-3.stabletesting.mga9
Found initrd image: /boot/initrd-6.18.4-server-3.stabletesting.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-server-1.mga9
Found initrd image: /boot/initrd-6.6.120-server-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-desktop-1.mga9
Found initrd image: /boot/initrd-6.6.120-desktop-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-1.mga9
Found initrd image: /boot/initrd-6.6.120-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-server-1.mga9
Found initrd image: /boot/initrd-6.6.116-server-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-desktop-1.mga9
Found initrd image: /boot/initrd-6.6.116-desktop-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-1.mga9
Found initrd image: /boot/initrd-6.6.116-1.mga9.img
Found linux image: /boot/vmlinuz-6.18.4-server-3.stabletesting.mga9
Found initrd image: /boot/initrd-6.18.4-server-3.stabletesting.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-server-1.mga9
Found initrd image: /boot/initrd-6.6.120-server-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-desktop-1.mga9
Found initrd image: /boot/initrd-6.6.120-desktop-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.120-1.mga9
Found initrd image: /boot/initrd-6.6.120-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-server-1.mga9
Found initrd image: /boot/initrd-6.6.116-server-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-desktop-1.mga9
Found initrd image: /boot/initrd-6.6.116-desktop-1.mga9.img
Found linux image: /boot/vmlinuz-6.6.116-1.mga9
Found initrd image: /boot/initrd-6.6.116-1.mga9.img
Found Mageia 10 (10) on /dev/sda7
Adding boot menu entry for UEFI Firmware Settings ...
done
    12/19: xen-runtime           ###################################################################################################
Created symlink /etc/systemd/system/multi-user.target.wants/xenstored.service -> /usr/lib/systemd/system/xenstored.service.
Created symlink /etc/systemd/system/multi-user.target.wants/xenconsoled.service -> /usr/lib/systemd/system/xenconsoled.service.
    13/19: lib64nl-xfrm3_200     ###################################################################################################
    14/19: lib64yajl-devel       ###################################################################################################
    15/19: lib64nl-idiag3_200    ###################################################################################################
    16/19: lib64nl3-devel        ###################################################################################################
    17/19: lib64xen-devel        ###################################################################################################
    18/19: ocaml-xen-devel       ###################################################################################################
    19/19: xen                   ###################################################################################################
Created symlink /etc/systemd/system/multi-user.target.wants/xendomains.service -> /usr/lib/systemd/system/xendomains.service.
      1/2: removing lib64xen3.0-4.17.5-1.git20251028.1.mga9.x86_64
                                 ###################################################################################################
      2/2: removing xen-licenses-4.17.5-1.git20251028.1.mga9.x86_64
                                 ###################################################################################################

Let's see if this time I can test with internal card
I'll be back
Comment 4 katnatek 2026-01-28 21:07:57 CET
No luck, I'll have to let in clean install this time

Whiteboard: (none) => MGA9-64-OK

Comment 5 Thomas Andrews 2026-01-29 19:29:19 CET
validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

katnatek 2026-01-29 23:28:47 CET

Keywords: (none) => advisory

Comment 6 Dan Fandrich 2026-01-30 00:56:09 CET
I've fixed the RPM name in the advisory to match that in comment 2 and comment 3.

CC: (none) => dan

Comment 7 katnatek 2026-01-30 01:21:44 CET
(In reply to Dan Fandrich from comment #6)
> I've fixed the RPM name in the advisory to match that in comment 2 and
> comment 3.

Thanks and sorry,
Comment 8 Mageia Robot 2026-01-30 01:40:23 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2026-0026.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED

