SB2026032730 - SUSE update for xen
Published: March 27, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2026-23554)
The vulnerability allows a local user to escalate privileges, cause a denial of service, and leak information.
The vulnerability exists due to a use after free in the Intel EPT paging structures when modifying page mappings under the p2m lock. A local user on the guest OS can trigger the premature release of paging structures before cached EPT state is flushed, leading to stale entries in the cache that reference freed memory. This can result in access to unintended memory regions of the hypervisor.
The vulnerability affects x86 Intel systems with EPT support running Xen 4.17 or later. Only x86 HVM/PVH guests using HAP are able to leverage the vulnerability. Exploitation does not require additional privileges beyond those of a normal guest user, but access to a guest VM is required.
Remediation
Install update from vendor's website.