csaf_suse - suse-su-2025:02319-1

SUSE-SU-2025:02319-1

Vulnerability from csaf_suse - Published: 2025-07-15 14:20 - Updated: 2025-07-15 14:20

Summary

Security update for xen

Notes

Title of the patch

Security update for xen

Description of the patch

This update for xen fixes the following issues: - CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) - CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470)

Patchnames

SUSE-2025-2319,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2319,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2319,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2319,SUSE-SUSE-MicroOS-5.1-2025-2319,SUSE-SUSE-MicroOS-5.2-2025-2319,SUSE-Storage-7.1-2025-2319

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xen",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xen fixes the following issues:\n\n- CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471)\n- CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-2319,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2319,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2319,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2319,SUSE-SUSE-MicroOS-5.1-2025-2319,SUSE-SUSE-MicroOS-5.2-2025-2319,SUSE-Storage-7.1-2025-2319",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02319-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:02319-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502319-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:02319-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021813.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1238896",
        "url": "https://bugzilla.suse.com/1238896"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244644",
        "url": "https://bugzilla.suse.com/1244644"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1246112",
        "url": "https://bugzilla.suse.com/1246112"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-36350 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-36350/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-36357 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-36357/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27465 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27465/"
      }
    ],
    "title": "Security update for xen",
    "tracking": {
      "current_release_date": "2025-07-15T14:20:08Z",
      "generator": {
        "date": "2025-07-15T14:20:08Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:02319-1",
      "initial_release_date": "2025-07-15T14:20:08Z",
      "revision_history": [
        {
          "date": "2025-07-15T14:20:08Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-4.14.6_26-150300.3.91.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-devel-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-devel-4.14.6_26-150300.3.91.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-doc-html-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-doc-html-4.14.6_26-150300.3.91.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-libs-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-libs-4.14.6_26-150300.3.91.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-tools-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-tools-4.14.6_26-150300.3.91.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.aarch64",
                "product": {
                  "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.aarch64",
                  "product_id": "xen-tools-domU-4.14.6_26-150300.3.91.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-libs-64bit-4.14.6_26-150300.3.91.1.aarch64_ilp32",
                "product": {
                  "name": "xen-libs-64bit-4.14.6_26-150300.3.91.1.aarch64_ilp32",
                  "product_id": "xen-libs-64bit-4.14.6_26-150300.3.91.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-devel-4.14.6_26-150300.3.91.1.i586",
                "product": {
                  "name": "xen-devel-4.14.6_26-150300.3.91.1.i586",
                  "product_id": "xen-devel-4.14.6_26-150300.3.91.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.14.6_26-150300.3.91.1.i586",
                "product": {
                  "name": "xen-libs-4.14.6_26-150300.3.91.1.i586",
                  "product_id": "xen-libs-4.14.6_26-150300.3.91.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.i586",
                "product": {
                  "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.i586",
                  "product_id": "xen-tools-domU-4.14.6_26-150300.3.91.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
                "product": {
                  "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
                  "product_id": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xen-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-devel-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-doc-html-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-doc-html-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-doc-html-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-libs-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-libs-32bit-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-libs-32bit-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-libs-32bit-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-tools-4.14.6_26-150300.3.91.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
                "product": {
                  "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
                  "product_id": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.1",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.1",
                  "product_id": "SUSE Linux Enterprise Micro 5.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.2",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.2",
                  "product_id": "SUSE Linux Enterprise Micro 5.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
          "product_id": "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
          "product_id": "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-devel-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-devel-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-libs-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-libs-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64"
        },
        "product_reference": "xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        },
        "product_reference": "xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36350",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-36350"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-36350",
          "url": "https://www.suse.com/security/cve/CVE-2024-36350"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238896 for CVE-2024-36350",
          "url": "https://bugzilla.suse.com/1238896"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-15T14:20:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-36350"
    },
    {
      "cve": "CVE-2024-36357",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-36357"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-36357",
          "url": "https://www.suse.com/security/cve/CVE-2024-36357"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1238896 for CVE-2024-36357",
          "url": "https://bugzilla.suse.com/1238896"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-15T14:20:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-36357"
    },
    {
      "cve": "CVE-2025-27465",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27465"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certain instructions need intercepting and emulating by Xen.  In some\ncases Xen emulates the instruction by replaying it, using an executable\nstub.  Some instructions may raise an exception, which is supposed to be\nhandled gracefully.  Certain replayed instructions have additional logic\nto set up and recover the changes to the arithmetic flags.\n\nFor replayed instructions where the flags recovery logic is used, the\nmetadata for exception handling was incorrect, preventing Xen from\nhandling the the exception gracefully, treating it as fatal instead.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27465",
          "url": "https://www.suse.com/security/cve/CVE-2025-27465"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244644 for CVE-2025-27465",
          "url": "https://bugzilla.suse.com/1244644"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Enterprise Storage 7.1:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Micro 5.1:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-devel-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-libs-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-domU-4.14.6_26-150300.3.91.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-15T14:20:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27465"
    }
  ]
}

CVE-2025-27465 (GCVE-0-2025-27465)

Vulnerability from cvelistv5 – Published: 2025-07-16 09:08 – Updated: 2025-11-04 21:09

Summary

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up and recover the changes to the arithmetic flags. For replayed instructions where the flags recovery logic is used, the metadata for exception handling was incorrect, preventing Xen from handling the the exception gracefully, treating it as fatal instead.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-755 - Improper Handling of Exceptional Conditions

Assigner

XEN

References

URL

Tags

https://xenbits.xenproject.org/xsa/advisory-470.html

Impacted products

	Vendor	Product	Version
	Xen	Xen	Unknown: consult Xen advisory XSA-470

Credits

This issue was discovered by Andrew Cooper of XenServer.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-27465",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T20:46:06.289437Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-755",
                "description": "CWE-755 Improper Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-17T15:00:57.741Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:09:50.127Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://xenbits.xen.org/xsa/advisory-470.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/01/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Xen",
          "vendor": "Xen",
          "versions": [
            {
              "status": "unknown",
              "version": "consult Xen advisory XSA-470"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "Xen 4.9 and onwards are vulnerable.  Xen 4.8 and older are not\nvulnerable.\n\nOnly x86 systems are vulnerable.  ARM systems are not vulnerable.\n\nOnly HVM or PVH guests can leverage the vulnerability.  PV guests cannot\nleverage the vulnerability."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This issue was discovered by Andrew Cooper of XenServer."
        }
      ],
      "datePublic": "2025-07-01T11:56:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain instructions need intercepting and emulating by Xen.  In some\ncases Xen emulates the instruction by replaying it, using an executable\nstub.  Some instructions may raise an exception, which is supposed to be\nhandled gracefully.  Certain replayed instructions have additional logic\nto set up and recover the changes to the arithmetic flags.\n\nFor replayed instructions where the flags recovery logic is used, the\nmetadata for exception handling was incorrect, preventing Xen from\nhandling the the exception gracefully, treating it as fatal instead."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "An unprivileged guest can cause a hypervisor crash, causing a Denial of\nService (DoS) of the entire host."
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-16T09:08:39.931Z",
        "orgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
        "shortName": "XEN"
      },
      "references": [
        {
          "url": "https://xenbits.xenproject.org/xsa/advisory-470.html"
        }
      ],
      "title": "x86: Incorrect stubs exception handling for flags recovery",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no mitigations."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f",
    "assignerShortName": "XEN",
    "cveId": "CVE-2025-27465",
    "datePublished": "2025-07-16T09:08:39.931Z",
    "dateReserved": "2025-02-26T09:16:54.461Z",
    "dateUpdated": "2025-11-04T21:09:50.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36357 (GCVE-0-2024-36357)

Vulnerability from cvelistv5 – Published: 2025-07-08 17:01 – Updated: 2025-11-04 21:08

Summary

A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.

Severity ?

5.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-1421 - Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

Assigner

AMD

References

URL

Tags

https://www.amd.com/en/resources/product-security…

Impacted products

Vendor

Product

Version

AMD

AMD EPYC™ 7003 Series Processors

Unaffected: MilanPI 1.0.0.G + OS Updates

AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.E + OS Updates
AMD	AMD EPYC™ 8004 Series Processors	Unaffected: GenoaPI 1.0.0.E + OS Updates
AMD	AMD EPYC™ 9V64H Processor	Unaffected: MI300PI 1.0.0.7 + OS Updates
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4v2PI 1.2.0.E + OS Updates
AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics	Unaffected: ComboAM4v2PI 1.2.0.E + OS Updates
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: ComboAM5PI 1.2.0.3 + OS Updates Unaffected: ComboAM5PI 1.0.0.a+ OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates
AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics	Unaffected: ComboAM5PI 1.2.0.3 + OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	Unaffected: StormPeakPI-SP6 1.1.0.0i + OS Updates Unaffected: StormPeakPI-SP6 1.0.0.1k + OS Updates
AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics	Unaffected: RembrandtPI-FP7 1.0.0.Bb + OS Updates
AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics	Unaffected: RembrandtPI-FP7 1.0.0.Bb + OS Updates
AMD	AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.1.1b + OS Updates
AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMD	AMD Ryzen™ 7000 Series Mobile Processors	Unaffected: DragonRangeFL1 1.0.0.3g + OS Updates
AMD	AMD EPYC™ Embedded 7003 Series Processors	Unaffected: EmbMilanPI-SP3 1.0.0.A + OS updates
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD EPYC™ Embedded 9004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1.0.0.7 + OS Update
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: EmbeddedAM5PI 1.0.0.3 + OS updates
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: Embedded-PI_FP7r2 100C + OS updates
AMD	AMD EPYC™ Embedded 97X4	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.1.1b + OS Updates

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36357",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-09T13:36:59.777404Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-09T13:37:06.013Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:08:40.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          },
          {
            "url": "http://xenbits.xen.org/xsa/advisory-471.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.G + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9V64H Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300PI 1.0.0.7 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3 + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.0.0.a+ OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI  1.1.0.3c+ OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3 + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI  1.1.0.3c+ OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.1.0.0i + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.0.0.1k + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.1.1b + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1 1.0.0.3g + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3 1.0.0.A + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.7 + OS Update"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.3 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PI_FP7r2 100C + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 97X4",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.1.1b + OS Updates"
            }
          ]
        }
      ],
      "datePublic": "2025-07-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.\u003cbr\u003e"
            }
          ],
          "value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1421",
              "description": "CWE-1421  Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T17:01:48.957Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36357",
    "datePublished": "2025-07-08T17:01:48.957Z",
    "dateReserved": "2024-05-23T19:44:50.001Z",
    "dateUpdated": "2025-11-04T21:08:40.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-36350 (GCVE-0-2024-36350)

Vulnerability from cvelistv5 – Published: 2025-07-08 16:56 – Updated: 2025-11-04 21:08

Summary

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.

Severity ?

5.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-1421 - Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution

Assigner

AMD

References

URL

Tags

https://www.amd.com/en/resources/product-security…

Impacted products

Vendor

Product

Version

AMD

AMD EPYC™ 7003 Series Processors

Unaffected: MilanPI 1.0.0.G + OS Updates

AMD	AMD EPYC™ 9004 Series Processors	Unaffected: GenoaPI 1.0.0.E + OS Updates
AMD	AMD EPYC™ 8004 Series Processors	Unaffected: GenoaPI 1.0.0.E + OS Updates
AMD	AMD EPYC™ 9V64H Processor	Unaffected: MI300PI 1.0.0.7 + OS Updates
AMD	AMD Ryzen™ 5000 Series Desktop Processors	Unaffected: ComboAM4v2PI 1.2.0.E + OS Updates
AMD	AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics	Unaffected: ComboAM4v2PI 1.2.0.E + OS Updates
AMD	AMD Ryzen™ 7000 Series Desktop Processors	Unaffected: ComboAM5PI 1.2.0.3 + OS Updates Unaffected: ComboAM5PI 1.0.0.a+ OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates
AMD	AMD Ryzen™ 8000 Series Processor with Radeon™ Graphics	Unaffected: ComboAM5PI 1.2.0.3 + OS Updates Unaffected: ComboAM5PI 1.1.0.3c+ OS Updates
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	Unaffected: StormPeakPI-SP6 1.1.0.0i + OS Updates Unaffected: StormPeakPI-SP6 1.0.0.1k + OS Updates
AMD	AMD Ryzen™ 6000 Series Processor with Radeon™ Graphics	Unaffected: RembrandtPI-FP7 1.0.0.Bb + OS Updates
AMD	AMD Ryzen™ 7035 Series Processor with Radeon™ Graphics	Unaffected: RembrandtPI-FP7 1.0.0.Bb + OS Updates
AMD	AMD Ryzen™ 7000 Series Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.1.1b + OS Updates
AMD	AMD Ryzen™ 7040 Series Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	Unaffected: PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates
AMD	AMD Ryzen™ 7000 Series Mobile Processors	Unaffected: DragonRangeFL1 1.0.0.3g + OS Updates
AMD	AMD EPYC™ Embedded 7003 Series Processors	Unaffected: EmbMilanPI-SP3 1.0.0.A + OS updates
AMD	AMD EPYC™ Embedded 8004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD EPYC™ Embedded 9004 Series Processors	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD Ryzen™ Embedded 5000 Series Processors	Unaffected: EmbAM4PI 1.0.0.7 + OS Update
AMD	AMD Ryzen™ Embedded 7000 Series Processors	Unaffected: EmbeddedAM5PI 1.0.0.3 + OS updates
AMD	AMD Ryzen™ Embedded V3000 Series Processors	Unaffected: Embedded-PI_FP7r2 100C + OS updates
AMD	AMD EPYC™ Embedded 97X4	Unaffected: EmbGenoaPI-SP5 1.0.0.9 + OS updates
AMD	AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics	Unaffected: CezannePI-FP6 1.0.1.1b + OS Updates

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36350",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T20:23:14.382306Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T20:23:25.907Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:08:39.481Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
          },
          {
            "url": "http://xenbits.xen.org/xsa/advisory-471.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/28/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MilanPI 1.0.0.G + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GenoaPI 1.0.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9V64H Processor",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MI300PI 1.0.0.7 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI 1.2.0.E + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3 + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.0.0.a+ OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI  1.1.0.3c+ OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5PI 1.2.0.3 + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "ComboAM5PI  1.1.0.3c+ OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.1.0.0i + OS Updates"
            },
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6 1.0.0.1k + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7035 Series Processor with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "RembrandtPI-FP7 1.0.0.Bb + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.1.1b + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7040 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8040 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "PhoenixPI-FP8-FP7 1.2.0.0 + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Mobile Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "DragonRangeFL1 1.0.0.3g + OS Updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3 1.0.0.A + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 5000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbAM4PI 1.0.0.7 + OS Update"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded 7000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbeddedAM5PI 1.0.0.3 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Embedded V3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Embedded-PI_FP7r2 100C + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 97X4",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.9 + OS updates"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CezannePI-FP6 1.0.1.1b + OS Updates"
            }
          ]
        }
      ],
      "datePublic": "2025-07-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.\u003cbr\u003e"
            }
          ],
          "value": "A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1421",
              "description": "CWE-1421  Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T17:02:23.593Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2024-36350",
    "datePublished": "2025-07-08T16:56:39.834Z",
    "dateReserved": "2024-05-23T19:44:50.000Z",
    "dateUpdated": "2025-11-04T21:08:39.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2025:02319-1

CVE-2025-27465 (GCVE-0-2025-27465)

CVE-2024-36357 (GCVE-0-2024-36357)

CVE-2024-36350 (GCVE-0-2024-36350)

Tags

Sightings

Nomenclature