Xen Denial of Service Vulnerability

Release Date: 3 Mar 2025

RISK: Medium Risk

TYPE: Operating Systems - VM Ware

A vulnerability was identified in Xen. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.

---

Impact

• Denial of Service

---

System / Technologies affected

• Xen versions 4.0 and later are affected.  

Xen versions 3.4 and earlier are not directly affected, but had other issues.

 

Systems with Intel IOMMU hardware (VT-d) are affected.  Systems using AMD or non-x86 hardware are not affected.

 

Only systems where certain kinds of devices are passed through to an unprivileged guest are vulnerable.

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://xenbits.xen.org/xsa/advisory-467.html

---

Vulnerability Identifier

• CVE-2025-1713

---

Source

• Xen Project
• AusCERT

---

Related Link

• https://xenbits.xen.org/xsa/advisory-467.html
• https://portal.auscert.org.au/bulletins/ESB-2025.1397/