- Description
- Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.
- Source
- security@xen.org
- NVD status
- Analyzed
- Products
- xen
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
- Hype score
- Not currently trending
๐จ Attention System Administrators & DevOps Teams! ๐จ Mageia has released a critical security update, MGASA-2026-0026, patching two high-severity Xen hypervisor vulnerabilities (CVE-2025-58150 & CVE-2026-23553). Read more: ๐ https://t.co/yZg1dIbOrU #Security https
@Cezar_H_Linux
30 Jan 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Xen hypervisor has a HIGH severity out-of-bounds write (CVE-2025-58150) in shadow mode tracing, exploitable by malicious guests. Update to 4.18.5-r4. #Xen #Virtualization #InfoSec https://t.co/Ep5GV3BT5n
@pulsepatchio
30 Jan 2026
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A high severity out-of-bounds write (CVE-2025-58150) impacts Xen hypervisor shadow mode. Guest-controlled data can lead to memory corruption. Requires guest compromise. #Xen #Virtualization #InfoSec https://t.co/E8G74bDyot
@pulsepatchio
30 Jan 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
URGENT: #openSUSE Leap 15.6 users must patch Xen hypervisor vulnerabilities CVE-2025-58150 (buffer overrun) and CVE-2026-23553 (incomplete IBPB). Read more: ๐ https://t.co/vGoK29zDFU #Security https://t.co/IgMwGkuP5z
@Cezar_H_Linux
28 Jan 2026
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-58150 Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, ofโฆ https://t.co/B3uwTNzKgH
@CVEnew
28 Jan 2026
117 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
3 new Xen Security Advisories https://t.co/O4qDUqCDdd 477 CVE-2025-58150 x86: buffer overrun with shadow paging + tracing 478 CVE-2025-58151 varstored: TOCTOU issues with mapped guest memory 479 CVE-2026-23553 x86: incomplete IBPB for vCPU isolation
@oss_security
28 Jan 2026
558 Impressions
1 Retweet
7 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2026-23553 x86: incomplete IBPB for vCPU isolation CVE-2025-58151 varstored: TOCTOU issues with mapped guest memory CVE-2025-58150 x86: buffer overrun with shadow paging + tracing Xen Security Advisories https://t.co/aGhjl6MOAL
@autumn_good_35
27 Jan 2026
296 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-58150 Xen Security Advisory 477 v2 (CVE-2025-58150) - x86 https://t.co/iNas6eA1k0 Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
27 Jan 2026
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new vulnerability with increased severity was disclosed for Xen (CVE-2025-58150) https://t.co/A7WPXnZPMl
@vuldb
27 Jan 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "BAB3DD44-8D3F-493C-936C-E0D6C63685C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]