CNNVD-202510-4448 Information

CNNVD ID

CNNVD-202510-4448

Related CVE

CVE-2025-58147

• CNNVD Published: 2025-10-31

Description (Chinese)

Xen是Xen开源的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上，并支持在运行时进行迁移，保证正常运行并且避免宕机。 Xen存在安全漏洞，该漏洞源于边界检查错误，可能导致越界读取和写入。

Description (English)

Xen is an open-source virtual machine monitor product. The product enables different and incompatible operating systems to operate on the same computer and supports migration during operation to ensure proper operation and avoid loss of power. Xen has a security loophole, which stems from a border check error that may lead to cross-border reading and writing.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Xen

Published

2025-10-31

Last Modified

2026-02-24

References

https://xenbits.xenproject.org/xsa/advisory-475.html https://vigilance.fr/vulnerability/Xen-buffer-overflow-via-Viridian-Hypercalls-48534

Patch

https://xenbits.xenproject.org/xsa/advisory-475.html