vulnerability

Debian: CVE-2025-27465: xen -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:N/A:P)	Jul 7, 2025	Jul 7, 2025	Dec 4, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:N/A:P)

Published

Jul 7, 2025

Added

Jul 7, 2025

Modified

Dec 4, 2025

Description

Certain instructions need intercepting and emulating by Xen. In some
cases Xen emulates the instruction by replaying it, using an executable
stub. Some instructions may raise an exception, which is supposed to be
handled gracefully. Certain replayed instructions have additional logic
to set up and recover the changes to the arithmetic flags.

For replayed instructions where the flags recovery logic is used, the
metadata for exception handling was incorrect, preventing Xen from
handling the the exception gracefully, treating it as fatal instead.

Solutions

debian-upgrade-xenno-fix-debian-deb-package

References

CVE-2025-27465
https://attackerkb.com/topics/CVE-2025-27465
CWE-755
DEBIAN-DSA-6068-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today