#VU124113 Use-after-free in Xen - CVE-2026-23554
Published: March 18, 2026
Xen
Xen Project
Description
The vulnerability allows a local user to escalate privileges, cause a denial of service, and leak information.
The vulnerability exists due to a use-after-free in the Intel EPT paging structures when modifying page mappings under the p2m lock. A local user on the guest OS can trigger the premature release of paging structures before cached EPT state is flushed, leaving stale entries in the cache that reference freed memory. This can result in access to unintended memory regions of the hypervisor.
The vulnerability affects x86 Intel systems with EPT support running Xen 4.17 or later. Only x86 HVM/PVH guests using HAP are able to leverage the vulnerability. Exploitation does not require additional privileges beyond those of a normal guest user, but access to a guest VM is required.
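The affected-configuration conditions above can be turned into a host triage check. The following is an added example, not code from the advisory or from the Xen Project. It assumes the host's `xl info` output carries `xen_major`, `xen_minor` and a `virt_caps` line listing `hap`, and that the dom0 CPU vendor string is collected separately; the function names and the sample output are constructed for illustration.

```python
AFFECTED_FROM = (4, 17)  # "Xen 4.17 or later", from the advisory text

# Constructed sample: a trimmed `xl info` output, not taken from a real host.
SAMPLE_XL_INFO = """\
host                   : lab-dom0
machine                : x86_64
virt_caps              : pv hvm hvm_directio pv_directio hap shadow
xen_major              : 4
xen_minor              : 17
xen_extra              : .2
"""


def parse_xl_info(text):
    """Turn `xl info` "key : value" lines into a dict."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            info[key.strip()] = value.strip()
    return info


def in_advisory_scope(xl_info_text, cpu_vendor):
    """Return (in_scope, reasons); in_scope is None when undecidable.

    cpu_vendor is dom0's vendor_id string (for example from /proc/cpuinfo);
    collecting it separately is an assumption of this example.
    """
    info = parse_xl_info(xl_info_text)
    try:
        version = (int(info["xen_major"]), int(info["xen_minor"]))
    except (KeyError, ValueError):
        return None, ["xen_major/xen_minor missing, cannot decide"]
    reasons = []
    if version < AFFECTED_FROM:
        reasons.append("Xen %d.%d predates 4.17" % version)
    if cpu_vendor != "GenuineIntel":
        reasons.append("CPU vendor is %s, not Intel" % cpu_vendor)
    if "hap" not in info.get("virt_caps", "").split():
        reasons.append("host does not report HAP (EPT on Intel)")
    if reasons:
        return False, reasons
    return True, ["Xen %d.%d on Intel with HAP: check HVM/PVH guests "
                  "and the vendor's fix status" % version]


if __name__ == "__main__":
    print(in_advisory_scope(SAMPLE_XL_INFO, "GenuineIntel"))
```

A `True` result only means the host matches the conditions listed above; it does not show whether a fix is installed, because this page names no fixed versions.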