Home / mailings [SECURITY] [DSA 6068-1] xen security update
Posted on 02 December 2025
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6068-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 02, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : xen
CVE ID : CVE-2024-28956 CVE-2024-36350 CVE-2024-36357
CVE-2025-27465 CVE-2025-27466 CVE-2025-58142
CVE-2025-58143 CVE-2025-58144 CVE-2025-58145
CVE-2025-58147 CVE-2025-58148 CVE-2025-58149
CVE-2025-1713
Multiple vulnerabilities have been discovered in the Xen hypervisor,
which could result in memory disclosure, denial of service or
privilege escalation.
For the oldstable distribution (bookworm), these problems have been fixed
in version 4.17.5+72-g01140da4e8-1.
For the stable distribution (trixie), these problems have been fixed in
version 4.20.2+7-g1badcf5035-0+deb13u1.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
