Advisories » MGASA-2026-0026

Updated xen packages fix security vulnerabilities

Publication date: 30 Jan 2026
Modification date: 29 Jan 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-58150 , CVE-2026-23553

Description

x86: buffer overrun with shadow paging + tracing. (CVE-2025-58150)
x86: incomplete IBPB for vCPU isolation. (CVE-2026-23553)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35074
• https://www.openwall.com/lists/oss-security/2026/01/27/1
• https://www.openwall.com/lists/oss-security/2026/01/27/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58150
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23553

SRPMS

9/core

• xen-4.17.5-1.git20251028.2.mga9